 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
We see a lot of articles that explain the difference between an internal developer platform and an internal developer portal. While it’s important to make a distinction between the two, it’s more useful to know how the two connect because, quite frankly, a platform without a portal won’t make developers’ lives easier. Platforms need a frontend, and that is the role of the internal developer portal.
Let’s look at what a platform is and the role of the portal in relation to the platform and finally, the APIs through which the platform and portal connect.
Without even knowing it, you’ll probably already have a platform in place. An internal developer platform is essentially made of everything you’ve built into your software development life cycle (SDLC), along with your infrastructure, cloud and everything in between. The platform is the totality of the platform tools and infrastructure you already have.
The platform is a central hub made of up the tools required to build, deploy and manage everything, with the chief goal of improving developer experience. For example, a platform offers unified access to internal APIs, microservices, SDKs and other resources needed for development. It also provides integrated tooling like CLI tools, build automation, CI/CD pipelines and infrastructure provisioning.
This means the developer does not need to work directly within a third-party tool such as incident management, appsec or FinOps. Instead, the developer accesses these tools through the platform.
The main purpose of an internal developer platform is to reduce developers’ cognitive load by centralizing resources and making them more accessible.
Platforms help with abstracting away complexity, but they don’t go far enough. They have limitations around accessibility, scalability and the necessary guardrails for developers. A platform can still be difficult for developers to get their heads around, meaning they can’t be self-sufficient, and this affects the time they spend on working things out, asking for assistance or creating tickets to DevOps.
An internal developer portal further abstracts away complexity and promotes developer self-service, all while providing golden paths and ensuring the relevant guardrails.
The portal acts as a user-friendly interface to the platform, abstracting the complexity of the software development environment by providing a single user interface that’s built for the questions and needs of different dev teams, so they can easily make sense of the entire tech stack and the resulting interdependencies. Essentially, they’re tailor-made for better developer experience and productivity.
The portal will connect to your platform and do the following:
If the platform is made of the many tools used for the SDLC, and the portal is the frontend, we now need to define the API through which they both connect. When a developer executes a self-service action in the portal, how does it get communicated to the underlying platform?
This is the API the portal will use to trigger a specific action in the platform, enabling self-service actions such as scaffolding a microservice or provisioning a cloud resource. It is the same API that will be used to create the software catalog.
While some argue that the portal needs a central API (an “orchestrator”) to connect to the platform, I believe that the API that the portal triggers is not one, but many — the existing APIs of the platform’s existing tools and infrastructure.
Let’s examine these platform APIs.
CI/CD — You can use your existing CI/CD API, such as GitHub actions, to connect to the portal for developer self-service actions.
GitOps is another API exposed to the portal, and executing actions by performing a git change is often considered best practice. By reading manifest files from the git and showing them inside the portal with context, you can also enrich the software catalog.
Engineering tooling — The entire devtool stack also plays a pivotal role. Each dev tool holds relevant information about the SDLC, enabling developers to perform various actions on their own through self-service and maintain relevant insights.
Feature flags are one of those devstack tools and should be considered as another API in the portal as it would enable users to see feature flags that are activated/deactivated for each running service, connect to observability tools, automatically switch a flag on or off if a critical service issue has been detected and more.
Other features also hold relevant information about the SDLC: monitoring and observability, on-call tools, app and cloud security, FinOps and cloud cost management, consumption of infrastructure as code (IaC), incident response, permission management, API catalogs, ticketing tools, SaaS management and more.
IaC is another API endpoint to the platform, and the API is often already exposed out of the box. For example, you can use Terraform cloud or Upbound’s API to interact with your platform. In addition, bringing data from your IaC execution run can enrich the portal with relevant information about provisioned, terminated or modified resources you would like to keep your developers informed about.
K8s — Connecting with the K8s API is crucial to abstract away K8s complexity for developers. The software catalog becomes more complete and rich by bringing in live K8s data in context to the SDLC representation inside it.
Finally, cloud providers play an important role in the platform, mainly for observability reasons. It’s pretty obvious that providing developers with direct access to the cloud console is bad practice. Therefore, we’d want to visualize the resources (in context) in the software catalog, then enrich it with other data brought from other platform elements.
Here are different examples of actions that can be done using an internal developer portal:
So far we’ve described two steps:
It may not seem obvious where orchestration belongs.
The portal is best working with the various platform APIs. This is because it uses the software catalog as a single source of truth for the platform and it can incorporate logs, manual approvals and more. The portal can also trigger actions in the platform when a developer executes a self-service action in GitHub actions or any other tool and this can align with the golden path defined by platform engineers. In addition, it can trigger smart workflows, an example of which is when a developer sets up an environment with a TTL. One trigger sets it up and then a workflow automation flow (defined in the portal) will terminate the environment in time.
As you’re already likely to have a platform that consists of existing APIs — and because most organizations (75%) with platform engineering teams will provide internal developer portals (according to Gartner) — it means that the stronger approach is to use the portal’s strength in connecting to APIs directly, effectively making the platform tool/orchestrator redundant.
As a result, the API between the portal and platform would look like the below diagram:
Platform engineering is all about reducing complexity and improving developer experience. Opting for a portal for your orchestration needs will go some way toward that. The portal offers the benefit of a unified integration point with all of your other tools, simplifying the process. In contrast, a specific platform orchestrator/tool necessitates integrating multiple components at various intersections, adding another layer of complexity to your platform. If you want to stand by your platform engineering principles, then it’s a straightforward choice for which option you’d use for your orchestration needs.
