Skip to content

Platform Engineering

← Back to all decks

17 cards — 🟢 3 easy | 🟡 4 medium | 🔴 3 hard

🟢 Easy (3)

1. What is a platform in the context of platform engineering?

Show answer A platform is a product — with users (developers), features (self-service capabilities), and quality standards (reliability, UX). It is not a set of mandates or tickets. It enables developers to provision infrastructure and deploy in minutes via CLI or UI rather than filing Jira tickets and waiting days.

Remember: "Platform engineering = paved roads, not gatekeepers." The goal is self-service with guardrails.

Name origin: The term "platform engineering" gained mainstream adoption around 2022, driven by the CNCF Platform Working Group.

Who made it: Spotify\'s Backstage (open-sourced 2020) became the most influential IDP framework.

2. What is a golden path?

Show answer An opinionated, well-supported, recommended way to accomplish a common task. It is not the only path — it is the path with the best tooling, documentation, and support. For example, a CLI command that generates a repo from a template with a Dockerfile, CI pipeline, Helm chart, and monitoring pre-configured.

Name origin: "Golden path" comes from the idea of a well-lit, well-maintained road — you CAN take a dirt road, but the golden path is faster and safer.

3. What are the four layers of the platform stack?

Show answer From bottom to top: Infrastructure (cloud providers, bare metal, networking), Infrastructure Orchestration (Kubernetes, Terraform, service mesh), Platform Services (CI/CD, secrets, DNS, certs, databases), and Developer Experience (CLI tools, web portal, docs, templates).

Example: An IDP might combine GitHub (code), ArgoCD (deploy), Backstage (catalog), and PagerDuty (on-call) behind a single developer portal.

See also: Backstage by Spotify is the most popular open-source IDP framework.

Remember: "Infrastructure → Orchestration → Platform Services → Developer Experience." Each layer builds on the one below.

🟡 Medium (4)

1. What is Backstage and what does an internal developer portal contain?

Show answer Backstage is a popular open-source internal developer portal. It contains a service catalog (all services, owners, health), documentation (API docs, runbooks), templates (golden path starters), self-service (provisioning, DNS, certs, secrets), and scorecards (production readiness, security compliance).

Remember: "Golden paths = opinionated defaults with escape hatches." Developers CAN deviate, but the default path is optimized.

Example: A golden path for a new microservice: template repo → CI pipeline → Kubernetes deploy → monitoring dashboard — all pre-configured.

2. How does a platform team standardize CI/CD pipelines?

Show answer Instead of every team writing their own CI, provide reusable shared workflow templates. Each service repo references the shared workflow (e.g., uses: your-org/platform-workflows/.github/workflows/build-test-deploy.yml@v2) and passes parameters like language and chart path. The shared workflow handles lint, test, build, security scanning, image push, and GitOps promotion.

3. What are the key metrics for measuring whether a platform is successful?

Show answer Lead time for changes, deployment frequency, time to onboard a new service, self-service ratio (% of infra requests handled without a ticket), mean time to recover, platform adoption (% of teams using golden paths vs custom), and developer satisfaction (NPS or survey scores).

Remember: "DORA metrics map to platform success." Lead time and deployment frequency improve when the platform reduces friction.

4. How do Kubernetes operators enable self-service infrastructure?

Show answer Platform teams build custom operators that watch for CRDs (Custom Resource Definitions). A developer creates a simple YAML resource (e.g., kind: Database, spec: postgres, size: medium) and the operator automatically provisions the StatefulSet, creates credentials as a Secret, configures backups, sets up monitoring, and registers it in the service catalog.

Example: A developer creates `kind: Database, spec: {engine: postgres, size: medium}` and the operator provisions a StatefulSet, Secrets, backups, and monitoring automatically.

🔴 Hard (3)

1. What checks belong in a production readiness scorecard?

Show answer Required: health endpoint, readiness endpoint, CPU and memory limits set, at least 2 replicas in prod, ServiceMonitor exists, at least 1 alert rule, runbook linked, team ownership declared. Recommended: PodDisruptionBudget, HPA autoscaling, network policies, no critical vulnerabilities in security scans, SLO defined and tracked.

Gotcha: Scorecards must be automated (not manual checklists) to stay current. Use tools like Backstage TechDocs or custom Kubernetes controllers.

2. What are the five common pitfalls in platform engineering?

Show answer 1. Building a platform nobody asked for (solve real pain points). 2. Mandating without value (golden path must be easier than the cowpath). 3. Platform as bottleneck (if every request needs a platform engineer, you just renamed ops). 4. Over-abstracting (hiding complexity so deep that debugging is impossible). 5. Ignoring the escape hatch (some teams have legitimate reasons to go off the golden path).

Remember: "Golden path must be easier than the cowpath." If developers still prefer the manual way, the platform has failed.

3. How do infrastructure catalog items differ from raw Terraform modules?

Show answer Catalog items expose infrastructure as pre-packaged, size-selectable options (e.g., postgres: small/medium/large with automated backups and read replicas). Developers pick from a menu without needing to understand Terraform syntax, module inputs, or provider configuration. The platform team maintains the underlying modules while presenting a simplified self-service interface.

Analogy: Catalog items are like a restaurant menu — diners pick "medium pizza" without knowing the recipe. Terraform modules are the recipe itself.