IBM Cloud CTO: Pros Outweigh the Cons with Platform Engineering
One of the big discussions at KubeCon+CloudNativeCon EU 2023 was platform engineering and its value-add to developers. But what about the downside for developers when it comes to platform engineering?
The New Stack asked IBM Fellow and Cloud CTO Jason McGee about the potential downsides of platform engineering, including tool lock-in and less ability to explore other options. He agreed these are potential cons for developers.
“Developers are an opinionated bunch,” he said. “The trade-off in any kind of platform engineering model is the platform has an opinion about tools, an opinion about technologies. You’re trying to limit some choices in the spirit of more consistency and faster provisioning.”
On one hand, developers like to have choice, he said but on the flip side are challenges like security and compliance, which have become burdens for developers, McGee added. By adopting platform engineering, developers free themselves of that burden, he said.
Platform engineering gives developers a menu of approved tool and library options, which allows organizations to onboard developers more quickly, according to a KubeCon EU panel discussion held for the media. Developers naturally like to play with new tools — it’s part of their job, pointed out David DeSanto, chief product officer at GitLab. The problem is that can lead to tool sprawl as each developer introduces new tools and integrations, he said. That becomes a major headache in a market with a 20-23% attrition rate, the panel added, since developers may come and go without documenting what tools or integrations they used.
Platform engineering allows developers to focus on business logic and the core problems they’re trying to solve, McGee said. That’s why most developers he’s spoken with support platform engineering, he added.
“The developers who’ve done it more than once usually are pretty big advocates of platforms,” he said.
IBM Cloud’s Role
For its part, IBM views its cloud as a platform for engineering and has built capabilities around those decisions of compliance, auditing and managing costs, McGee said.
“We have, for example, a capability called Security Compliance Center, which does posture management and compliance scanning so companies can deploy workloads and be assured that the cloud is configured correctly, that it’s secure, that it follows all their policies,” he said. “We’ve been doing a lot of work on the other end of the DevOps, helping them build compliance and deployment pipelines to do code risk analysis, that do provenance on code or build software bill of materials for supply chain protections.”
IBM also has its core platform, as well as Kubernetes, OpenShift and databases, amid other things that it’s building on the platform such as reference architecture models. Additionally, IBM provides TerraForm automation for a solution that enables customers to build private catalogs and customize them, he said. A platform engineering team can take IBM’S reference architectures, customize them with additional requirements, and then surface the requirements to their application teams in a private catalog of the cloud, where they can control which services their end users see, McGee explained.
“We’re doing a lot of the work to enable them to define their platforms without having to do it all themselves,” he said. “One of the risks of platform engineering is you start with VMs [virtual machines] or you start with Kubernetes and then everything else you figure out how to deploy and run yourself — observability tools and security tools and everything else. That’s a huge burden for a lot of these companies.”
The cloud can be part of the solution for creating a platform engineering model, McGee noted that cloud spend remains in the single digits over overall IT spending. Still, even on-premise companies want a cloud-operating and cloud-consumption model even when it’s running in their own data center, he added.
“There’s still huge on-prem IT states,” he said. “A lot of the work we’re doing in financial services, for example, is really about enabling those companies to move more of their mid- and back-office, mission-critical workloads to the cloud, which have been blocked by security and compliance controls, limitations and regulation and availability and resiliency.”
CNCF paid for travel and accommodations for The New Stack to attend the KubeCon+CloudNativeConEurope 2023 conference.