# platform-coffee
d
We had a great discussion today. Thanks all for joining! Here is the board:

# Platform Coffee - 2024-05-08

* Participants: 6
* Note authors are hidden
* Link to board (https://scrumlr.io/board/1418dedc-d18d-47d2-b53a-9c695a38484d)

## Topics (1 Notes)

* More geeky: Opinions (?) on TestContainers for idempotent environments as a tool set for clean environments. Docker bought TestContainers. I heard TestContainers can be used in GitOps (GitHub Actions)

## Done (4 Notes)

* Policy as Code at scale
* multi-cluster (Kubernetes) fleet management
* How important are the principles of ITIL Service Delivery (Developers are the End User in focus, in receipt of services) in the deployment of Platform Engineering?
* Platform engineering and GitOps place the git repository at the centre of everything, leading to new or increased risks. How can we protect the repositories and maintain security in the (deployment, infrastructure, configuration) pipelines?

## Links/Info (7 Notes)

* https://github.com/ChristofferNissen/helmper
* https://kyverno.io/
* https://tag-app-delivery.cncf.io/wgs/platforms/
* State of DevOps 2024 => State of Platform Engineering https://www.puppet.com/blog/state-devops-report-2024
* https://communityinviter.com/apps/cloud-native/cncf
* Cluster Inventory API: https://github.com/kubernetes-sigs/cluster-inventory-api
* I participated in a CNCF webinar last week about Policy as Code (application tiers for user permissions) using GitOps

https://youtu.be/w3M_dikMy5g

CNCF Blurb: The authorization logic for determining whether a user can do an action on a specific resource inside of the application code is some of the most sensitive and impactful if it isn't correct. Using modern GitOps approaches for testable, versionable and auditable authorization removes many of the barriers around user permissions and improves your security posture.
a
This sounds like a particularly buzzing day! 🙌 I'm curious about the fleet management for k8s clusters. Did that conversation dive into any details that can/might be interesting to discuss more here?
d
I think there wasn't anyone on the call who had much experience with accomplishing this, so it'd be a good item to discuss here if anyone does have experience running large multi-cluster environments. There were two aspects that came up:

• Platform/infra team interface to managing many clusters
• Developer experience in an environment with many possible deployment destinations

I did bring up that intelligent workload placement is being tackled at places like Netflix and likely commercial products, too, but I don't have experience in the space.