Ambassador post originally published on Medium by Mathieu Benoit, CNCF Ambassador
KubeCon NA 2024 in Salt Lake City was a blast!
Like always, I met with old friends, I made new friends and I had deep conversations about Platform Engineering and Cloud Native in general. I did my booth duties at the Humanitec booth, delivered a workshop and presented a few talks (Cloud Native Rejekts and TAG App Delivery Kiosk). This community has so much energy, it’s so inspiring.
Like after KubeCon Chicago and KubeCon Paris, I like capturing most, if not all the sessions and announcements around Platform Engineering at KubeCon. Here we are for the Salt Lake City edition!
Bear with me, here is what we will cover throughout this blog post:
- tl;dr
- General announcements
- Cloud Native Rejekts
- TAG App Delivery
- Platform Engineering Day
- ArgoCon
- AppDeveloperCon, WasmCon, OpenTofu Day, BackstageCon
- OpenShift Commons
- KubeCon
- Score & Humanitec
- Learning by doing (Backstage, Sigstore, Dagger)
- Next events
- Others’ KubeCon recaps
tl;dr
- Even after 10 years, are we there yet with Kubernetes? During this panel, Lachlan and Bailey agreed with Kelsey: “Kubernetes is a platform to build platforms”. And there is still room for improvements: “Coming with the right abstraction, to just focus on delivering value for the business” and “Decoupling the complexity from the growth of the workload”.
- Security is everywhere, and still complex to set up and control in a Cloud Native World, but your platform can abstract and standardize most of it. Shift down to the Platform!
- Kubernetes is a platform to build platforms, and AI and WebAssembly are two types of very popular workloads that your platform can support and host.
- Developer Portals are an important piece of your overall Platform Engineering initiative, they are the frontends of your Platform. A Developer Portal should also be seen as a dedicated Product, you have a Product Manager, a Roadmap, etc. Backstage is very popular but still needs custom implementation and integration to invest in.
- Reference Architectures for building your Internal Developer Platform (IDP) are easier to find than ever. But I now see the discussions moving more and more around building versus buying some key components within these reference architectures. Can I optimize and accelerate building my own IDP without reinventing the wheel?
- I’m listing 45 talks related to Platform Engineering across all the conferences around this KubeCon edition in SLC. → 6 talks really caught my attention. They share some lessons learned based on the maturity they have been reaching with their own Platform Engineering initiative. Just find them with this “(💡❤️)” tag down below. You’ll find these great stories from The New York Times, U.S. Bank, Intuit, Frost Bank, NatWest Bank, Monzo, Saxo Bank, Fidelity International, etc.
First, some general announcements
Here are some announcements around the Platform Engineering space that I captured:
- CNCF — Platform Engineering course and certification (coming)
- CNCF — Backstage Certification
- CNCF — Kyverno Certification
- CNCF — Dapr graduation
- CNCF — Argo documentary
- CNCF — Cloud Native Reference Architectures
- CNCF — Emerging trends in the cloud native ecosystem
- CNCF — WasmCloud as CNCF Incubating
- CNCF — Open Platform For Enterprise AI (OPEA)
- PE.org — Courses
- PE.org — Ambassador program
- Heroku — Twelve-Factor Manifesto open sourced (GitHub)
- Red Hat — Donation of bootc, Buildah, Composefs, Podman, Podman Desktop and Skopeo to the CNCF
- Microsoft — What’s new with Microsoft in open-source and Kubernetes at KubeCon North America 2024
- Microsoft — Introducing Hyperlight: Virtual machine-based security for functions at scale
- AWS — Powerful Abstractions for Kubernetes (kro)
- Akamai — Introducing the Akamai App Platform (Otomi)
Cloud Native Rejekts
KubeCon definitely starts with the Cloud Native Rejekts conference, right before the main conference. It’s 2 days. A good warm-up for the main KubeCon conference happening right after.
This was my first Cloud Native Rejekts as both an attendee and speaker. What an experience! Smaller audience than KubeCon, with great opportunities to have technical and deep conversations with folks in there. I really loved it!
The full schedule can be found here. And here are the associated videos:
I captured 4 talks related to Platform Engineering:
- Platform Engineering Loves Security: Shift Down to Your Platform, not Left to Your Developers! (video — slides) — My talk co-delivered with Maxime Coquerel. We shared insights about shifting security features and controls down to the platform instead of adding more cognitive load to the Developers.
- Platforms Need AI Copilot (video) — Good demo to see in action how an AI-powered assistant (like foyle.io with VS Code and runme.dev) can help SREs and Platform Engineers deploy and troubleshoot apps and infrastructure.
- (💡❤️) Abstracting Kubernetes: How Intuit is Migrating Services to a Simplified, Abstracted Paved Road (video) — I have been following Intuit’s talks about their Platform Engineering initiative, and I’m always impressed by the maturity they have developed around their internal developer platform. Here they share how, starting from a hackathon, they now have a migration assistant in place to improve and accelerate the onboarding process for their Developers. So impressive!
- You Can Score It! Shift Down to the Platform. Do Not Shift Left to the Developers (video — demo) — I did this challenging exercise of giving a 5-min lightning talk. I did a live demo. I really loved the format, and it was a good way to close the conference.
TAG App Delivery
I cannot talk about Platform Engineering at KubeCon without mentioning the TAG App Delivery, they are doing so much in that space.
The TAG App Delivery put in place different activities throughout KubeCon, you can find more details here. These are always great activities with people involved in the Platform Engineering space.
They got a Kiosk in the Project Pavilion, they organized lightning talks, every morning was the “Platform Coffee Meetup”, and they had talks to present the activities of the different WGs: AppDev, Platforms, Infra, etc.
- KubeCon — Applications, Platforms, and Infrastructure Oh My! What Is the TAG App Delivery Doing to Support You — Abby, Daniel, Roberth and Ryan highlight how the TAG Working Groups including App Development, Platform, Infrastructure, and Artifacts are helping build a unified view of how to successfully deliver cloud native applications at scale.
- AppDeveloperCon — Lightning Talk: Intro to the CNCF App Development WG (video) — Mauricio and Daniel introduce this new WG within the TAG App Delivery. Focused on App Developer tools. Learn more about it here.
- Platform Engineering Day — Platform Working Group Update (slides) — You’ll get some updates from the Platforms WG regarding the maturity model, the whitepaper, the current Platform-as-Product Research they are running, etc. Thank you Atul, Abby and Colin for your excellent job in this WG!
I got the opportunity to re-deliver my Cloud Native Rejekts talk about Score during one of the lightning talks at the TAG App Delivery’s Kiosk. Very grateful for the opportunity!
Next to this TAG App Delivery Kiosk was the CNCF Projects Stickers Wall, and look at what I found printed by the CNCF!
It’s also in this Projects Pavilion that I got interviewed by Julia, check this out, 1 min to pitch Score, good exercise!
PE Day
The entire list of talks at the Platform Engineering (PE) Day is available here. Here are 9 talks I want to highlight:
- Portals and Platforms, Two Ps in a Pod? How Good Interfaces Make for Good Operability (video) — Your Portal is the “frontend” and your Platform(s) is (are) your “backend”. Another great talk clarifying this important bridge between both.
- Lightning Talk: Are You Really Ready to Adopt a Platform? (video — slides) — Atul presented a checklist he has built around 4 main focus areas: organizational structure and culture, current pain points and inefficiencies, resource availability and allocation, and long-term vision and goal.
- (💡❤️) Panel: Measuring the Impact of Platform Engineering (video) — How to measure progress and impact of your Platform? How to make sure you are actually solving problems and are helping your Developers? There are different and complementary indicators to look at. Again, a Platform initiative shouldn’t just focus on tools, a Platform-as-a-Product mindset is required. You need to know your customers, and better understand their needs and pain points, to eventually measure and compare the benefits of the Platform and the features it exposes.
Be humble and unbiased, don’t assume you know. Talk to your customers!
- (💡❤️) Crossing the Chasm: The Journey of The New York Times IDP from Conception to Early Majority (video) — David from the NYT did an excellent job sharing their journey and strategies to build their developer platform, and the cloud-native community around it. You’ll learn how they started with a TVP/MVP of their platform during one of their annual hackathons in 2021. Then they got some early adopters and eventually went GA in 2023 to then reach the scalability level in 2024. They have a clear capability maturity model (POC, experimental, dev preview or GA) for the features of their platform. On top of that they also have a marketing strategy to enhance their Platform-as-a-Product mindset. Scaffolding from a form to use an App template, to trigger CD pipelines via GitOps.
- (💡❤️) Innovating at Scale: Building and Managing Modern Developer Platform in U.S. Bank (video — slides) — They explained why they built their own IDP: prioritize developer productivity, enable business agility, increase reliability, enable developer-first experience, scale for the future. Opportunities and tips: persona driven research, push the pace iteratively and be transparent.
- Panel: Platform Adoption Strategies: Critical Roles When Investing in Platforms (video) — Many end-users, meet with them! Know your c-suite sponsors. Link your roadmap and new features and downtimes to business KPIs. Also good call out to the Cloud Native Maturity Model too.
- If You Build It, They Will Come, a Platform Modernization Journey from Canada Life (video — slides) — Importance to onboard your first customer as early as possible. Early identification of “white glove” service requirement and build a training model. And find features and capabilities that your Developers will actually get benefits from: observability out of the box for everyone, enhance the security posture, add autoscaling and self healing infrastructure, etc.
- Developer Platform Consoles Should Be Dumb (video) — Portals are just the Frontend of your Platform. From a form, they could generate files in Git repo triggering GitHub Actions, GitLab Pipelines, GitOps tools, etc. in order to actually deploy things.
- Navigating the No-Code to Full-Code Spectrum — a Platform Engineering Journey (video — slides) — Good lessons learned shared about building a Platform by exposing APIs. Example here with a combination of Crossplane’s Infrastructure provisioners, Crossplane’s Compositions and Crossplane’s Functions.
By providing an abstract platform API with standardized components we can limit the choice of configuration values, provide compliance by default and simplify operations.
ArgoCon
Here are 6 talks related to Platform Engineering during ArgoCon NA 2024 I captured:
- Building a Cutting-Edge Kubernetes Internal Developer Platform at NVIDIA (video — slides) — Great illustration of the use of the CNOE reference architecture with ArgoCD and how NVIDIA has been able to build their IDP to allow Developers to deploy app on GPUs.
- Bridge the Gap Between Terraform and GitOps (video — slides) — Akuity has built a Kubernetes controller that streamlines Terraform usage alongside GitOps tools: TF Bridge.
- Enhancing Compliance and Safety with Argo CD Ephemeral Access (video) — Intuit has built an Argo extension to allow Developers to get temporary access to edit their deployment.
- Lightning Talk: Progressive Infrastructure Delivery Using Kargo and Argo CD (video — slides) — Kargo from Akuity is helping to promote multi-stage deployments.
- Managing Application Dependencies in Argo CD (video) — Argo provides the notion of SyncWaves, very helpful to manage dependencies between Kubernetes resources, but only scoped to an Argo Application. But what about cross-Application dependencies? Apps-of-Apps or ApplicationSets’ ProgressiveSyncs to the rescue?
- Ephemeral Environment Practices — the Good, Bad, and Ugly at The New York Times (video) — The NYT is presenting how Argo is playing a central and key role in their Internal Developer Platform (IDP), especially by providing ephemeral environments for each PR. They share here failures and lessons learned around this.
Engineers want rapid feedback as they iterate on their changes.
As an NYT Engineer, PR-based ephemeral environments are provided by default for my application launched on the shared platform.
More from WasmCon, OpenTofu Day and BackstageCon
Here are 6 talks related to Platform Engineering during AppDeveloperCon, WasmCon, OpenTofu Day and BackstageCon I captured:
- AppDeveloperCon — Streamlining Cloud-Native Development: Simplifying Dependencies and Testing with Microcks (video) — Good demo of Microcks and Quarkus (OOTB Testcontainers) to improve the developer inner loop experience, to perform real tests locally.
- AppDeveloperCon — Introducing Dagger Modules: Open Source CI/CD Building Blocks You Already Know How to Write (video — slides) — I met with Jeremy, Solomon and Justin from Dagger this year. I now better understand what Dagger is solving. It’s bringing your CI pipelines locally to accelerate tests and deployments of your apps and their dependencies, in a portable and consistent way. You can use different modules in your pipelines from this library of modules: Daggerverse.
- WasmCon — Next-Level Powers: Enhance Your IDP with the WASM and Dapr Hero Team-Up! — (video — slides) — Great demo with Backstage, Wasm, Dapr and Kafka.
- OpenTofu Day — Accelerating Application Delivery with OpenTofu Controller and GitOps (video — slides) — Shift-left empowered by Platform Engineering, do not shift-left without governance. The idea is to provide OpenTofu Modules as Infrastructure Blueprints and Helm charts as App Blueprints. FluxCD has an OpenTofu Controller, in order to do GitOps with IaC.
- BackstageCon — IDPs For The Rest of Us: Maximizing Impact When You Aren’t a Tech Giant (video — slides) — Your Internal Developer Portal is a product, and has a roadmap that needs outcomes. This talk provides a lot of tips and best practices around this “-as-a-Product” approach. Recognize value quickly and efficiently, increase quality and discoverability of documentation (guided access and improved search), measure usage, validate impact and measure progress. Increase self-service and reduce context switching. Use data to see the whole picture: engineering metrics, pulse surveys and platform analytics.
Know your value stream: Invest time to understand how value is created, the domains your teams operate in and how they interact.
- BackstageCon — Panel: Insights from Internal Developer Portal Rollouts in Large Enterprises (video) — Great insights from Adobe, American Airlines, JP Morgan, Roku and RedHat about adopting and implementing Backstage at scale.
OpenShift Commons
Here are 4 talks related to Platform Engineering during the OpenShift Commons co-located event that I captured:
- Step into the world of Virtualization with New York University (video) — Opportunity to modernize and impose standards while enhancing pre existing workflows. Start small and automate first.
Operators make it easy for IT staff to build out enterprise grade services and let our users focus on their code and research.
- Mastercard Transforms Data Science with Cloud-Native Technologies (video) — Great insights to build your AI/ML platform with MLOps best practices on top of Kubernetes. From agile experimentation to model serving.
- Deloitte — How to go from zero to hero with Internal Developer Portals (video) — They chose RedHat Developer Hub to power their IDP for simplicity and security on top of Backstage. It’s now a living and expanding portal for different types of developers.
- (💡❤️) Scaling app development at Frost Bank with OpenShift (video) — Great way to learn about the efforts and the strategy it takes to build your own internal developer platform. Starting from a need to migrate to containers and Kubernetes via OpenShift. Spreading the word internally: Selling the vision, evangelizing and upskilling talent. Starting small with a low-risk and internal app, then select a larger and high-profile app (anchor to sell the vision!) and eventually grab the must-move apps (container only, etc.).
Keep all teams engaged throughout. Leverage a full-time PM or PO. Constant communication with leadership and stakeholders.
KubeCon
You can find all the recordings here.
Here are 13 talks related to Platform Engineering during KubeCon I captured:
- Keynote: Paving the Way for AI Through Platform Engineering (video) — Kasper from Lunar shares how they applied Platform Engineering principles to simplify and democratize AI internally.
- This Platform Goes to 11: Boost Developer Productivity with Lessons from Salesforce (video — slides) — Great experience and best practices shared by Salesforce about building your own internal Developer Platform. You’ll learn about Buildpacks, Hyperpacks and how to measure your success.
- Evolving Reddit’s Infrastructure via Principled Platform Abstractions at Reddit (video — slides) — From Clusters and Namespaces as a Service to Platform Abstractions (custom Declarative API with Operator/Controller (Achilles SDK) with an Orchestration cluster) → opinionated abstraction for self-service and reduced cognitive load.
When companies reach a certain maturity, they need platform abstractions to operate efficiently, especially as they grow.
- Cash App’s Journey Into a Multi-Cluster Ecosystem (video — slides) — Multi-clusters strategy with Service Mesh (Istio), GitOps (Argo), auto-scaling (KEDA and Karpenter), chaos engineering to simulate DR.
Product Engineers focus on abstract Kubernetes away, business logic and deployment simplicity.
- Running WebAssembly (Wasm) Workloads Side-by-Side with Container Workloads (video — slides) — You can run Container and WebAssembly workloads side-by-side on Kubernetes (as main app or sidecar). SpinKube and WasmCloud are two WebAssembly Platforms to look at. Great opportunity to improve the security posture of apps and reduce container sizes with WebAssembly.
- Micro-Segmentation and Multi-Tenancy: The Brown M&Ms of Platform Engineering — (Fidelity International) (video — slides) — “Reduce cognitive load on Dev, but also reduce risk for the organization”, “Namespace as a Service”, and demo of the combination of NetPol (Cilium) and Admission controller (Kyverno).
- Shifting Gears: Leveraging CNCF Tools to Streamline Operations at Toyota Connected (video — slides) — Maestro Automation for 500 developers. Self-serve from Backstage (shared repo and dedicated repo) → ArgoCD → Shared cluster → Crossplane+OpenTofu. Outcomes: increased collaboration, innersourcing and improved standardization.
- Multi-Tier Security in WasmCloud: From Developer Constraints to Platform Extensibility — Brooks Townsend, Cosmonic (video — slides) — Wasm-native Orchestration.
Platform engineers provide capabilities with wasmCloud host plugins, developers don’t know nor care.
- Platform Engineering for Software Developers and Architects (video) — Go faster, decrease risk and increase efficiency. 3 layers: App Choreography, Platform Orchestrator and Infra composition.
- Creating Paved Paths for Platform Engineers — Ritesh Patel, Nirmata; Abby Bangser, Syntasso; Viktor Farcic, Upbound; Nicholas Morey, Akuity; Praseeda Sathaye, Amazon (video) — Reference architecture like CNOE could help you focus on enhancing developer experiences and optimizing complexities for your internal customers.
- Yahoo’s Kubernetes Journey from on-Prem to Multi-Cloud at Scale (video — slides) — Great insights and lessons learned about Yahoo’s platform on top of Kubernetes with a multi-cloud approach.
Abstraction for user to focus on app instead of infrastructure.
- This Platform Goes to 11: Boost Developer Productivity with Lessons from Salesforce (video — slides) — Great insights about Salesforce’s Platform based on Heroku, Buildpacks, etc. Talking about how to measure the success of their Platform too.
- (💡❤️) Platform Engineering in Financial Institutions: The Practitioner Panel (video) — Highly regulated institutions are certainly a very good example demonstrating why having a Platform Engineering initiative is key. Great insights about when and how NatWest Bank, Monzo, Saxo Bank and Fidelity International started their Platform Engineering journey. Good Platform Engineers are Software Engineers able to build a platform with a product mindset, abstracting all the technical details and tools that the actual platform is made of. How to measure the success of your platform: Devs happiness complementary to velocity, reliability, security, etc. to balance between what the Devs want and what the business wants. A Platform is a great enabler and abstractor of constraints from regulators (reliability, security, etc.).
Score & Humanitec
Like I did in Paris last time, I ran my Workshop for 40+ people about Backstage, Score, Humanitec, Kubernetes and Terraform, just before the House of Kube party. The goal of this workshop is to see in action how these tools complete each other. I really love this in-person format, which allows for great interactions with the participants.
For Score, as one of the core maintainers, and Cloud Native Ambassador, I was able to show and demo updates that the community was able to bring recently. At SLC, this was the first KubeCon since Score became a CNCF Sandbox project. Score sits very well between the two Platforms WG and Application Development WG in the TAG App Delivery. It was so exciting to connect with the community, and get inspiration for the future of this project. Can’t wait to show more progress at the next KubeCon in London!
For Humanitec, as Customer Success Engineer, I was also at the Humanitec booth to meet with the community, prospects, future and current customers. I’m gaining so much inspiration and energy from these discussions. I was also invited to do a lot of live demos in order to show the great stuff we do with our customers and what our product and engineering teams have been working on. Check out the latest announcements in our blog or change logs around: the integration with Port, the resource graph in the UI, the new resource classes feature, the improvements with the GitOps mode, etc.
Learning by doing
After any KubeCon I attend, I go back home with plenty of inspiration and ideas for new project integrations, proof-of-concepts, etc.
In the past, that’s how I started to learn and play with Kyverno, Sigstore, PSS and Chainguard.
This KubeCon NA 2024 was no exception. I took the time to speak directly with speakers and project maintainers about specific questions I had.
First, I wanted to integrate Sigstore with Score in order to improve its CNCF CLOMonitor posture. For example, I was able to sign the score-k8s container image and its Go packages. I got the inspiration from Adrian Mouat and his talk during Cloud Native Rejekts!
Second, I wanted to support arm64 for my sample .NET container. I also got the inspiration from Adrian Mouat and his talk during Cloud Native Rejekts!
Third, I wanted to improve my Backstage demo with Humanitec to run it as readOnlyRootFilesystem: true. For this part, I met with Patrik Oldsberg at the Backstage Kiosk to chat about the associated issue he was literally working on. Now released with Backstage 1.33!
Fourth (and last for now), I met with Solomon Hykes and the Dagger team, where I learned more about Dagger. They also gave me insights about how I can create Dagger Modules for both Score and Humanitec. More to come soon about this!
That’s what I love about KubeCon, meeting with people and the community, talking about concrete technical needs, and going home with concrete next steps, inspired by others.
What’s next?!
Drumroll, please… announcing the CNCF 2025 event lineup: London (UK), Hong Kong (China), Tokyo (Japan), Hyderabad (India) and Atlanta (USA). Without forgetting about the KCDs in 2025. Then, in 2026: Amsterdam (Holland) and Los Angeles (USA).
Some recaps about KubeCon SLC from others
- KubeCon + CloudNativeCon North America 2024’s Transparency Report | CNCF
- KubeCon NA 2024 Recap by Saiyam Pathak
- KubeCon & CloudNative Con North America 2024 by Andy Roberts
- KubeCon NA 2024 wrap-up: Don’t miss these major CNCF projects’ news by Palark
- KubeCon NA 2024 recap | by Mauricio Salatino
- KubeCon/CloudNativeCon North America 2024 Highlights
- KubeCon CloudNativeCon NA 2024 Recap
- KubeCon NA 2024 Recap
- Kubecon NA 2024 recap
- KubeCon North America 2024 Retrospective | by Adriana Villela
- KubeCon NA 2024 Key Takeaways: A Recap of Our Time in Salt Lake City | by Syntasso
- A Summary of KubeCon for Busy People | by Northflank
- The ultimate KubeCon + CloudNativeCon North America 2024 recap: the CNCF ambassadors’ edition
- KubeCon NA 2024: Exploring the Future of Cloud Native with WASM, Platform Engineering, and Security | by Maxime Coquerel
Hope you enjoyed that one! Happy sailing, happy platforming! 🙂