Skip to content

How Palo Alto Approaches Platform Engineering

Ramesh Nampelly, Senior Director of Cloud Infrastructure and Platform Engineering at Palo Alto, just lately wrote about how Palo Alto approaches platform engineering. They constructed their very own inside developer platform (IDP) primarily based on the open-source device Backstage. Their platform covers infrastructure provisioning, coverage administration, observability, and value administration.

Nampelly explains that Palo Alto had troubles with legacy practices resulting in unbiased automation approaches with disparate documentation. Gary Nieman, Product Supervisor at Spotify, famous related fragmentation inside Spotify’s improvement groups and shared that it led to a type of “rumour-driven improvement” the place “the one option to learn the way to do one thing was to ask your colleague”.

Palo Alto’s purpose with its platform was to encourage self-service developer tooling. With this in thoughts, one of many first items they tackled was a service catalog to “assist builders or SREs to search out out the main points of a given manufacturing service simply and rapidly”. Matthew Skelton, Founder at Conflux, shared An analogous concept that simplifying easy methods to discover info is an efficient technique of enhancing movement:

What if crucial a part of “platform engineering” is sustaining a top quality wiki with confirmed, empathic patterns for Stream-aligned groups to comply with?

In constructing this, Nampelly notes that the crew needed to determine whether or not to construct the tooling internally or buy one thing off the shelf. The choice was made that the device needs to be constructed in-house to satisfy their particular use instances. They determined to make use of Backstage as a place to begin: “[w]e’ve forked out [B]ackstage OSS code and added required abstractions and named it as “Palo Alto Networks DevClues”.”

Overview of the Palo Alto Networks IDP (credit score: Palo Alto)

Nampelly shared that they categorize their platform capabilities and instruments into three phases (primarily based on the 2022 Gartner Innovation Perception for Inner Developer Portals Report): uncover and create, combine and deploy, and function and enhance. Uncover and create covers “day-0” actions targeted on the “preliminary a part of the event lifecycle, together with onboarding, coaching, bootstrapping, native improvement”.

Combine and deploy covers “day-1” duties targeted on deploying the appliance into staging and manufacturing environments. This contains each infrastructure and utility administration. The function and enhance section covers the continuing duties related to working a service together with automation, observability, and incident administration.

Nevertheless, constructing the precise instruments is just a part of the issue. As Galo Navarro, Principal Software program Engineer at Midokura, succinctly summarized, the worth of platform engineering is just not in what instruments are constructed however within the outcomes generated:

We’re seldom advised “construct this device”, however fairly “power-up product groups”, and it is anticipated that we’ll stroll up and down the group to grasp what challenges product groups have and that are price fixing.

Nampelly’s crew labored to empower their groups by means of service templates targeted on enhancing widespread duties:

Palo Alto Networks DevClues present prepared to make use of service templates for builders to create new software program functions, providers and infrastructure elements with embedded greatest practices.

Efficient platform groups additionally work to assemble ongoing suggestions from their customers to assist craft the platform route. Adam Hansrod, Principal Engineer at Equal Consultants, states that “constructing the platform incrementally primarily based on the suggestions from the shopper groups drives stronger adoption of the platform.” Nampelly notes that the platform crew at Palo Alto “is concentrated and dedicated to repeatedly innovate IDP capabilities by managing its adoption, roadmap, [and by] gathering suggestions from our engineering groups.”

Extra details about Palo Alto’s inside developer platform might be discovered on the Palo Alto weblog.


Leave a Reply

Your email address will not be published. Required fields are marked *