Comprehensive Guide to Internal Developer Platform (IDP) Tools Based on PlatformEngineering.org Reference Architecture
Internal Developer Platforms (IDPs) are essential for modern software development, offering a centralized toolkit to streamline the software lifecycle from code to production. IDP tools help with version control, CI/CD pipelines, observability, and resource management, making development processes more efficient and less complex. PlatformEngineering.org provides a reference architecture to structure and select these tools effectively. Here’s a breakdown of the tools based on each plane within the architecture.
1. Developer Control Plane
The Developer Control Plane includes tools that facilitate the coding, configuration, and management of development environments, empowering developers to build and deploy applications efficiently.
IDE
- Visual Studio Code - A popular code editor with extensive plugin support, making it ideal for collaborative development within an IDP.
Developer Portal
Developer portals centralize access to resources, documentation, and tools, enhancing the developer experience within an organization.
- Backstage - An open-source platform for building developer portals, allowing teams to manage microservices, APIs, and resources.
- Atlassian Compass - Connects all development tools and projects in a single portal, aiding in team collaboration and service ownership.
- Configur8, Cycloid, Port, OpsLevel, LeanIX, Cortex, Humanitec Portal, Red Hat Developer Hub - These platforms provide varying degrees of service management, visibility, and developer self-service capabilities to enhance team productivity.
Version Control
Version control systems (VCS) are essential for tracking changes in codebases, supporting collaboration, and ensuring reliable deployment processes.
- GitHub, Bitbucket, GitLab - These widely used platforms offer VCS along with collaboration features and integration with CI/CD tools.
Platform Source Code
Infrastructure as Code (IaC)
IaC tools automate infrastructure provisioning, enabling developers to define resources in a version-controlled manner.
- Terraform - Automates cloud infrastructure management with reusable and shareable configurations.
- Crossplane - Extends Kubernetes with cloud service provisioning capabilities, offering Kubernetes-native IaC.
- OpenTofu - An open-source alternative to Terraform, enabling multi-cloud IaC with an emphasis on transparency.
- Pulumi - Enables IaC in common programming languages, integrating well with CI/CD for streamlined deployments.
Automations
Automation tools streamline operational tasks, reducing the manual overhead associated with infrastructure and deployment.
Application Source Code / Workload Specification
- Score, Workloads - Workload specification tools that simplify the process of defining and managing application environments.
2. Integration & Delivery Plane
This plane focuses on CI/CD pipelines and orchestration tools to automate the building, testing, and deployment of applications.
CI Pipeline
Continuous Integration (CI) tools automate the testing and building of code changes, ensuring quick feedback and high-quality releases.
- GitHub Actions, CircleCI, GitLab CI, Jenkins, Travis CI, Azure DevOps, Google Cloud Build - These tools support CI processes and integrate with various VCS, making them adaptable to multiple workflows.
Platform Orchestrator
Orchestrators manage the deployment and lifecycle of applications across environments.
- Humanitec Platform Orchestrator, Kratix, KusionStack - These orchestrators allow developers to define and manage deployments while abstracting away infrastructure complexity.
Image Registry
Container image registries store and manage Docker images, supporting easy retrieval and deployment.
- Docker Hub, Harbor, JFrog Artifactory, Azure Container Registry, Google Artifact Registry, AWS ECR Registry, Quay - These registries support image versioning and secure storage of containerized applications.
Infrastructure Control Plane
Infrastructure control tools help manage infrastructure changes, provisioning, and versioning, promoting consistent and reliable deployments.
- Atlantis, Spacelift, Terramate, Radius - These tools automate Terraform workflows, providing enhanced control and governance over IaC deployments.
CD Pipeline
Continuous Deployment (CD) tools automate the release of software, minimizing manual intervention for deploying to production.
- ArgoCD, Humanitec Pipelines, Codefresh, GitHub Actions, GitLab CD, Flux CD, Octopus Deploy - These tools support automated deployment pipelines, monitoring, and rollback functionality.
3. Monitoring & Logging Plane
Observability and logging tools provide insights into system health, application performance, and errors, enabling teams to monitor, debug, and optimize deployments.
Observability
Observability tools allow teams to track and analyze system behavior in real time.
- Datadog, Fluent Bit, Jaeger, Google Cloud Operations Suite, ELK Stack, Logs, Grafana, Prometheus, Splunk, New Relic - These platforms monitor various metrics, including application performance, system health, and network activity.
Analytics
Analytics tools provide visibility into developer workflows, application usage, and operational performance.
- Logilica - An analytics platform that supports software delivery intelligence, optimizing development workflows and CI/CD processes.
4. Security Plane
The Security Plane encompasses tools for managing secrets, enforcing policies, and identifying vulnerabilities, ensuring that applications and infrastructure meet security standards.
Secrets Management
Secrets management tools securely store sensitive information, such as passwords, keys, and tokens, protecting applications from unauthorized access.
- HCP Vault, Google Secret Manager, Azure Key Vault, AWS Secrets Manager - These tools provide encrypted storage and controlled access to sensitive information.
Security
Security tools support compliance, vulnerability scanning, and incident detection, safeguarding systems and data.
- Tigera, Styra, Snyk, Azure Sentinel, Gremlin, Nirmata, Armo, Cilium, Aqua Security, Orca Security, Teleport, Anchore, Sysdig, Tetrate, Calico, Fossa - These tools offer a range of security functionalities, from policy enforcement to runtime protection.
5. Resource Plane
The Resource Plane includes tools for managing infrastructure components like compute, storage, networking, and messaging, forming the backbone of the IDP.
Compute
Compute tools provision and manage computing resources for running applications.
- Amazon EKS, Google Kubernetes Engine, Azure Kubernetes Service - These managed Kubernetes services offer scalability and container orchestration for deploying applications.
Cluster Management
Cluster management tools help administer and monitor Kubernetes clusters, enhancing operational efficiency.
- Rancher, Kubermatic, Rafay, Ambassador, Capsule - These tools facilitate Kubernetes management, offering multi-cluster support, observability, and automation.
Data
Data management tools handle database and storage requirements for applications.
- Amazon S3, Aiven, PostgreSQL, RDS MySQL, Cloud SQL, Azure SQL, Redis, MongoDB, MariaDB, MySQL - These tools provide reliable storage and database services for applications of all scales.
Networking
Networking tools enable traffic routing, load balancing, and DNS management, connecting applications across environments.
- Route 53, Cilium, Solo.io, Cloudflare, Envoy, Cloud DNS, Azure DNS, Google Public DNS - These solutions support domain management, service meshes, and traffic routing across distributed applications.
Services
Service tools facilitate communication, event handling, and messaging within distributed systems.
- Amazon SQS, Amazon Service Bus, Google Pub/Sub, Elasticsearch, Kafka, Azure Service Bus - These tools provide message queuing, event streaming, and search capabilities.
Messaging
Messaging tools support asynchronous communication within microservices architectures.
- RabbitMQ, ActiveMQ - These tools offer message brokering services, enabling reliable inter-service communication.
Conclusion: Building a Resilient IDP with the Right Tools
Selecting the right tools for an IDP is crucial for fostering productivity, ensuring reliability, and improving scalability. With the PlatformEngineering.org reference architecture as a guide, organizations can design an IDP tailored to their operational needs and developer workflows. By leveraging the best tools across each plane—Developer Control, Integration & Delivery, Monitoring & Logging, Security, and Resource—teams can build an effective and efficient platform that streamlines development and empowers innovation.