The Platform Engineering Handbook: Building Developer Platforms, Golden Paths and Self-Service Architecture
Platform engineering has moved from niche practice to mainstream organisational priority - but most teams are building their platforms without a map. They adopt Kubernetes without a multi-tenancy strategy, implement GitOps without solving secrets management first, and launch a developer portal that nobody trusts within six months because nobody owns the catalogue. The Platform Engineering Playbook exists to fix that.
Written for intermediate to senior software engineers, DevOps engineers, and engineering managers, this book covers the complete lifecycle of an Internal Developer Platform - from the foundational architecture decisions that constrain everything downstream, through the developer experience layer that determines whether engineers adopt the platform voluntarily, to the security, compliance, and FinOps practices that keep a shared platform governable at scale.
Inside, you will find practical, honest guidance on every major platform engineering concern:
Kubernetes operators, CRDs, and GitOps with ArgoCD and Flux - including where GitOps breaks down and how to handle itSecrets management with Vault, External Secrets Operator, and Sealed Secrets - positioned where it belongs, before you build anything elseInfrastructure as Code with Terraform, OpenTofu, and Pulumi - including the shared-state anti-patterns that create blast radius across teamsService mesh trade-offs across Istio, Linkerd, and Cilium - with an honest accounting of the operational cost each introducesDeveloper portals built on Backstage - including the resourcing reality that most guides omitGolden paths, scaffolding templates, and progressive delivery with Argo RolloutsSoftware supply chain security with SLSA, SBOMs, and SigstorePolicy as code with OPA and Kyverno, zero trust networking, and compliance automation for SOC 2 and ISO 27001Platform SLOs, error budgets, FinOps with Kubecost, and the multi-cloud trade-off analysis most organisations never do rigorouslyPlatform incident response - the runbooks for when the platform itself is the incidentAPI versioning and breaking change management at scaleBuilding, staffing, and evangelising the platform team, including the product manager problem nobody talks aboutEvery chapter acknowledges the realistic costs and failure modes of the approaches it describes. This is not a vendor brochure or a Kubernetes beginner tutorial. It is a practitioner's guide written for engineers who will be making real decisions with real consequences.
Customer Reviews
ThriftBooks ® and the ThriftBooks ® logo are registered trademarks of Thrift Books Global, LLC
