Build a platform

Top platform engineering teams use Humanitec’s products to build the perfect Internal Developer Platform (IDP) using:

Why build an Internal Developer Platform (IDP) with Humanitec?

Tried, tested, and used in production by startups to Fortune 500 businesses, the Platform Orchestator enables top-performing teams to automate repetitive tasks and drive standardization by design across infrastructure provisioning and app config management. All while keeping a high degree of flexibility, by enabling teams to build an enterprise-grade IDP and tailor it to their specific needs.

Pivoting in platforming is expensive and time-intensive. The Platform Orchestrator is the fastest and most reliable way to build an IDP, and teams who use it take eight to twelve weeks on average to roll out their platform across multiple teams, instead of at least 24 months to build one from scratch.

For developers, our open-source workload specification Score enables users to request the Resources their Workload depends on in a declarative way. Developers can describe their Workloads and dependencies as code once—and run them across completely different technology stacks with no need to be an expert in any one of them. There’s no context-switching, and it’s easy to learn. With Score, developers no longer have to fight a bunch of tech and tools when promoting workloads from local to production, and can focus more on writing and deploying code.

Organizations using the Platform Orchestrator see 4x higher deployment frequency, 75% less Ops overhead, and 30% faster lead time. This is because it empowers teams with true developer self-service which resolves key issues such as being flooded with tickets and Slack messages, DevOps burnout, and Ops bottlenecks. The result is less time spent on maintenance, serving developers, or worrying about security violations — and more time to focus on key business metrics such as slashing time to market (TTM).

What does an IDP built with Humanitec look like?

An enterprise-grade IDP built with Humanitec’s products will consist of five planes and most likely look like this:

Internal Developer Platform

Developer Control Plane

This plane is the primary configuration layer and interaction point for the platform users. It’s made up of the following components:

  • A Version Control System. GitHub is a prominent example, but this can be any system that contains two types of repositories:
    • Application Source Code
    • Platform Source Code, e.g. using Terraform
  • Workload specifications. The reference architecture uses Score.
  • A Portal for developers to interact with. It can be the Humanitec Portal, but you might also use Backstage or any other Portal on the market.

Integration and Delivery Plane

This plane is about building and storing the image, creating app and infra configs from the abstractions provided by the developers, and deploying the final state. It’s where the domains of developers and platform engineers meet.

This plane usually contains four different tools:

  • A CI pipeline. It can be GithubActions or any CI tooling on the market.
  • The image registry holding your container images. Again, this can be any registry on the market.
  • An orchestrator which in our example is the Humanitec Platform Orchestrator.
  • The CD system, which can be the Platform Orchestrator’s deployment pipeline capabilities, an external system triggered by the Orchestrator using a webhook, or a setup in tandem with GitOps operators like ArgoCD.

Monitoring and Logging Plane

The integration of monitoring and logging systems varies greatly depending on the system.

Security Plane

The security plane of the reference architecture is focused on the secrets management system. The secrets manager stores configuration information such as database passwords, API keys, or TLS certificates needed by an Application at runtime. It allows the Platform Orchestrator to reference the secrets and inject them into the Workloads dynamically. You can learn more about secrets management and integration with other secrets management here.

Resource Plane

This plane is where the actual infrastructure exists including clusters, databases, storage, or DNS services. The configuration of the Resources is managed by the Platform Orchestrator which dynamically creates app and infrastructure configurations with every deployment and creates, updates, or deletes dependent Resources as required.

How it works

Using Score, our OSS workload specification, developers describe how their apps fit together and define which resources they depend on. The Humanitec Platform Orchestrator then resolves these requests against the baseline configs set by the platform team.

How Humanitec works

With every git-push, the Platform Orchestrator interprets what resources and configs are required for a workload to run. It creates app and infrastructure configs based on rules defined by the platform team and executes them following a “Read”-”Match”-”Create”-”Deploy” pattern:

  • Read: interpret workload specification and context.
  • Match: identify the correct configuration baselines to create the application configurations and identify what resources to resolve or create based on the matching context.
  • Create: create application configurations; if necessary, create (infrastructure) resources, fetch credentials and inject credentials as secrets.
  • Deploy: deploy the workload into the target environment wired up to its dependencies.

Next steps

The five-minute IDP

Use a platform