Platform Engineering
Building and operating the internal platform that application teams deploy onto — the orchestration, networking, observability, secrets, and CI/CD layer, typically assembled from kubernetes and the surrounding CNCF ecosystem. A pillar of platform-ops, distinct from site-reliability-engineering (which owns reliability of what runs) though the roles overlap heavily.
The integration tax
kubernetes-integration-tax is this wiki’s grounding source: it argues the dominant
cost of production Kubernetes is the “integration tax” — making ~20–30 standard
tools (Prometheus, Cilium, cert-manager, Cluster API, GitOps) work together, not
the tools themselves. Failure modes are seams: Cilium metrics invisible to Prometheus
without a ServiceMonitor; cert-manager broken by ingress redirects. Recommended
practices: Jsonnet-generated monitoring, NetworkPolicies in Helm charts, two-repo
GitOps, Sealed Secrets, bootstrap-time DR.
The cure: productize the platform
If the integration tax is the problem, the internal-developer-platform (IDP) is the answer: pay the integration cost once, centrally, then hand teams a self-service, golden-path way onto it so they don’t each re-pay it. project-as-a-service (Belastingdienst, 99+ teams) is the grounding real-world instance — one YAML provisions namespaces/RBAC/quota via an operator; “make the right way the easiest way.” So platform-engineering has two faces: assembling the stack (the tax) and productizing the assembly (the IDP).
Through-line
This is the same lesson as observability‘s multi-source fusion: in production the hard part is integration, not components. See synthesis.