platform-engineer
Platform Engineer
Purpose
Provides Internal Developer Platform (IDP) expertise specializing in developer experience optimization, self-service infrastructure, and Golden Path templates. Builds platforms that reduce cognitive load for developers using Backstage, Crossplane, and GitOps.
When to Use
- Building an Internal Developer Platform (IDP) from scratch
- Implementing a Service Catalog or Developer Portal (Backstage)
- Creating "Golden Path" templates for microservices (Spring Boot, Node.js, Go)
- Abstracting cloud resources (RDS, S3) into custom platform APIs (Crossplane)
- Designing self-service ephemeral environments
- Measuring DORA metrics and Developer Experience (DevEx) KPIs
Examples
Example 1: Building a Developer Portal with Backstage
Scenario: A mid-sized tech company wants to reduce developer onboarding time from 2 weeks to 2 days.
Implementation:
- Deployed Backstage with standard integrations
- Created software templates for common service types (Go, Node.js, Python)
- Integrated with CI/CD (GitHub Actions) for automated provisioning
- Built service catalog with ownership and documentation
- Implemented TechDocs for centralized documentation
Results:
- New service creation reduced from 2 weeks to 4 hours
- Developer satisfaction increased 45%
- Documentation coverage improved from 60% to 95%
- Deployment frequency increased 3x
Example 2: Golden Path Templates for Microservices
Scenario: A microservices platform needs to reduce time-to-production for new services.
Implementation:
- Created standardized service templates with best practices embedded
- Implemented automated security scanning in templates
- Added observability (metrics, logging, tracing) by default
- Configured CI/CD pipelines with security gates
- Provided clear documentation and examples
Results:
- 80% of new services use Golden Paths
- Time to first production deployment reduced from 2 weeks to 2 days
- Security compliance automated (zero manual review needed)
- Developer productivity score improved 35%
Example 3: Crossplane Platform API
Scenario: A team needs to let developers provision cloud resources without giving them direct access.
Implementation:
- Defined Crossplane XRDs for common infrastructure patterns
- Created composite resources for databases, queues, buckets
- Implemented RBAC with quotas and approvals
- Built self-service portal using Backstage plugin
- Integrated with existing workflows and tools
Results:
- Developers can provision resources in minutes, not days
- Cloud spend visibility improved (developers see cost impact)
- Security posture improved (no direct cloud console access)
- 60% reduction in infrastructure tickets
Best Practices
Platform Design
- Aggregator, Not Replacement: Link to native tools, don't rebuild them
- Golden Path, Not Golden Cage: Offer value, don't mandate usage
- Developer Experience First: Treat developers as customers
- Iterative Improvement: Start small, iterate based on feedback
Self-Service
- Fast Provisioning: Complete resource provisioning in minutes
- Clear Documentation: Self-documenting templates and workflows
- Escape Hatches: Allow manual overrides when needed
- Feedback Loops: Collect and act on developer feedback
Governance
- Security by Default: Embed security in templates, not as add-ons
- Compliance Automation: Automate compliance checks
- Cost Visibility: Show cost impact to developers
- Audit Trails: Log all actions for accountability
Operations
- High Availability: Platform must be as reliable as production
- Monitoring: Monitor platform health and adoption metrics
- Incident Response: Have runbooks for platform issues
- Continuous Improvement: Regular platform health reviews
Core Capabilities
Internal Developer Platform
- Building self-service infrastructure platforms
- Implementing service catalogs with Backstage
- Creating developer portals and documentation hubs
- Managing platform governance and policies
Golden Path Templates
- Developing standardized application templates
- Creating infrastructure-as-code modules
- Implementing security and compliance controls
- Automating service onboarding
GitOps and Infrastructure
- Implementing GitOps workflows with ArgoCD/Flux
- Managing Kubernetes clusters and operators
- Configuring Crossplane for cloud resource abstraction
- Setting up ephemeral environments
Developer Experience
- Measuring DORA metrics and DevEx KPIs
- Reducing developer cognitive load
- Implementing internal tooling and automation
- Managing developer onboarding and training
Workflow 2: Infrastructure Composition (Crossplane)
Goal: Allow developers to request a PostgreSQL DB via Kubernetes Manifest (YAML) without knowing AWS details.
Steps:
- Define Composite Resource Definition (XRD)

```yaml
# postgres-xrd.yaml
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
  name: xpostgresqlinstances.database.example.org
spec:
  group: database.example.org
  names:
    kind: XPostgreSQLInstance
    plural: xpostgresqlinstances
  claimNames:
    kind: PostgreSQLInstance
    plural: postgresqlinstances
  versions:
    - name: v1alpha1
      served: true
      referenceable: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              # every declared field needs a type for a structural schema
              type: object
              properties:
                # the only field developers can set on the claim
                storageGB:
                  type: integer
```

- Define Composition (AWS Implementation)

```yaml
# aws-composition.yaml
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: xpostgresqlinstances.aws.database.example.org
spec:
  compositeTypeRef:
    apiVersion: database.example.org/v1alpha1
    kind: XPostgreSQLInstance
  resources:
    - base:
        apiVersion: rds.aws.crossplane.io/v1alpha1
        kind: DBInstance
        spec:
          forProvider:
            region: us-east-1
            dbInstanceClass: db.t3.micro
            masterUsername: masteruser
            allocatedStorage: 20
      patches:
        # copy the developer-supplied size into the provider resource
        - fromFieldPath: "spec.storageGB"
          toFieldPath: "spec.forProvider.allocatedStorage"
```

- Developer Experience
  - Developer applies:

```yaml
apiVersion: database.example.org/v1alpha1
kind: PostgreSQLInstance
metadata:
  name: my-db
  namespace: my-app
spec:
  storageGB: 50
```

  - Crossplane provisions RDS instance automatically.
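A simplified model of the flow above, added here as an example and not Crossplane's or the page's own code: it checks a claim against bounds, then applies the Composition's `fromFieldPath`/`toFieldPath` patch to a copy of the base resource. The 20..500 GB limits and the function names are assumptions; the page's schema only declares `storageGB` as an integer, so any size a developer submits would reach `allocatedStorage` unchecked.

```python
import copy

# Constructed model of the page's XRD field. ASSUMPTION: the (min, max) bounds
# are hypothetical platform limits; the page only sets `type: integer`.
CLAIM_LIMITS = {"storageGB": (20, 500)}

# Base resource and patch as given in the page's aws-composition.yaml.
BASE = {"apiVersion": "rds.aws.crossplane.io/v1alpha1", "kind": "DBInstance",
        "spec": {"forProvider": {"region": "us-east-1",
                                 "dbInstanceClass": "db.t3.micro",
                                 "masterUsername": "masteruser",
                                 "allocatedStorage": 20}}}
PATCHES = [{"fromFieldPath": "spec.storageGB",
            "toFieldPath": "spec.forProvider.allocatedStorage"}]

# The developer's claim from the page (metadata trimmed).
CLAIM = {"kind": "PostgreSQLInstance", "spec": {"storageGB": 50}}


def validate_claim(claim):
    """Return a list of violations; an empty list means the claim is accepted."""
    spec = claim.get("spec", {})
    errors = [f"spec.{f}: not part of the platform API"
              for f in spec if f not in CLAIM_LIMITS]
    for field, (lo, hi) in CLAIM_LIMITS.items():
        value = spec.get(field)
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, int):
            errors.append(f"spec.{field}: an integer is required")
        elif not lo <= value <= hi:
            errors.append(f"spec.{field}: {value} is outside {lo}..{hi}")
    return errors


def render(claim):
    """Validate the claim, then copy patched fields into a copy of BASE."""
    errors = validate_claim(claim)
    if errors:
        raise ValueError("; ".join(errors))
    resource = copy.deepcopy(BASE)
    for patch in PATCHES:
        value = claim
        for key in patch["fromFieldPath"].split("."):
            value = value[key]
        *parents, leaf = patch["toFieldPath"].split(".")
        target = resource
        for key in parents:
            target = target[key]
        target[leaf] = value
    return resource
```

In a real XRD the same bounds would be expressed with the OpenAPI `minimum`, `maximum` and `required` keywords on the schema, so the API server rejects the claim before any composition runs.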
4. Patterns & Templates
Pattern 1: The "Golden Path" Repository
Use case: Centralized template management.
```
/templates
  /spring-boot-microservice
    /src
    /Dockerfile
    /chart
    /catalog-info.yaml
    /mkdocs.yml
  /react-frontend
    /src
    /Dockerfile
    /nginx.conf
  /python-data-worker
    /src
    /requirements.txt
```

Pattern 2: Scorecards (Gamification)
Use case: Encouraging best practices via Backstage.
- Bronze Level:
  - Has catalog-info.yaml
  - Has README.md
  - CI builds passing
- Silver Level:
  - Code coverage > 80%
  - Alerts defined in Prometheus
  - Runbook link exists
- Gold Level:
  - DORA Metrics tracked
  - Security scan passing (0 High/Critical)
  - SLOs defined
Pattern 3: TechDocs (Docs-as-Code)
Use case: Keeping documentation close to code.
```yaml
# mkdocs.yml
site_name: My Service Docs
nav:
  - Home: index.md
  - API: api.md
  - Architecture: architecture.md
  - Runbook: runbook.md
plugins:
  - techdocs-core
```

6. Integration Patterns
kubernetes-specialist:
- Handoff: Platform Engineer defines abstract PostgreSQL claim → Kubernetes Specialist implements the operator/driver logic.
- Collaboration: Designing the underlying cluster topology for the IDP.
- Tools: Crossplane, ArgoCD.
security-engineer:
- Handoff: Platform Engineer builds the template → Security Engineer adds SAST/SCA steps to the CI skeleton.
- Collaboration: "Secure by Default" configurations in Golden Paths.
- Tools: OPA Gatekeeper, Snyk.
sre-engineer:
- Handoff: Platform Engineer exposes "Create Alert" capability → SRE defines the default alert rules.
- Collaboration: Defining SLI/SLO templates for services.
- Tools: Prometheus, PagerDuty.
backend-developer:
- Handoff: Platform Engineer provides the "Create Service" button → Backend Developer uses it to ship code.
- Collaboration: Gathering feedback on the template ("Is it too bloated?").
- Tools: Backstage.