Platform Engineering Podcast

Pavlo Baron, co-founder and CEO of Platform Engineering Labs and creator of Foray, is a veteran infrastructure and observability engineer. He digs into why Infrastructure as Code still needs babysitting. Topics include Terraform drift and state wrangling, tool sprawl and simpler stacks, type-safe constrained interfaces, use-case-driven guardrails, and how Forme aims to reduce ops toil.

Billions of requests a month on AWS Lambda can cost less than a single engineer’s laptop budget, but only if the architecture and developer workflow are designed for it.Justin Masse, Senior Platform DevOps Engineer at Extend, shares how Extend committed early to a serverless-first approach and built a platform that prioritizes developer speed and low operational toil. The conversation breaks down what it takes to run active-active, multi-region systems in a serverless world, how the team keeps services small and fast, and why asynchronous, event-driven design changes both reliability and cost.You’ll also hear how Extend treats developer experience as a core platform responsibility: templated microservices, fast deployment pipelines, ephemeral environments for pull requests, and infrastructure that developers can own without becoming cloud specialists. A big theme is using AWS CDK and internal abstractions to keep infrastructure close to the application code, so teams can move quickly while keeping platform standards consistent.Finally, the discussion gets practical about tradeoffs that show up after the “serverless is easy” pitch: local development challenges, the real cost center (observability), and where AI is helping today, including an internal agent that diagnoses failed deployments and suggests fixes.What you’ll learnWhy Extend avoids servers and VPC complexity, and what they use insteadPatterns for active-active, multi-region thinking in a serverless architectureHow DevEx practices like templates and ephemeral environments reduce frictionA pragmatic approach to IaC with CDK and reusable internal constructsWhere serverless costs stay low, and why observability often dominates the billHow AI is being applied to platform workflows without skipping engineering judgmentGuest: Jusin Masse, Senior Platform DevOps Engineer at ExtendJustin Masse is a self-proclaimed lead chaos engineer, recognized within niche engineering communities for his expertise Chaos Engineering and Infrastructure & DevOps.The father of three young kids, a husband, a recent MBA graduate, recent cancer survivor, and competitive powerlifter, he still finds time to actively contribute to the platform engineering community.Justin Masse, websiteJustin Masse, GitHubExtend, websiteLinks to interesting things from this episode:Episode with Adrian Cockroft“From $erverless to Elixir” by Cory O’Daniel

What happens when nobody wrote the code running in your production environment? As AI-generated software becomes standard practice, platform engineers face a new challenge: operating systems without experts to consult.Nic Benders, Chief Technical Strategist at New Relic, has spent 15 years watching observability evolve from basic server monitoring to understanding complex distributed systems. Now he's tackling the next frontier: how to maintain and operate software when there's no human author to ask why something was built a certain way.The conversation covers the shift from instrumentation being the hard problem to understanding being the bottleneck. Nic explains why inventory matters more than you think, how to approach AI-generated code as a black box that needs testing and telemetry, and why "garbage in, safety out" should be your new mantra.You'll learn practical strategies for instrumenting modern systems with OpenTelemetry, why your observability hierarchy needs to start with knowing what's actually running, and how to build platforms that make safe deployment easier than risky shortcuts. Nic also shares his perspective on technical drift versus technical debt and what changes when your best troubleshooting tool - institutional knowledge - no longer exists.Whether you're drowning in observability data or just starting to instrument your systems, this conversation offers concrete approaches for building understanding into your platform engineering practice.Guest: Nic Benders, Chief Technical Strategist at New RelicNic Benders is New Relic's Chief Technical Strategist. Part of the Engineering team since the early days of the company, Nic has been involved with everything from Agents to ZooKeeper and all the pieces and products in between. As New Relic's Chief Technical Strategist, he now looks after the long-term technical strategy behind the product and the experience of all the engineering teams who build it. Before New Relic, he worked in the mobile space, managing back-end messaging and commerce systems powering some of the largest carriers in the world.New Relic, websiteNew Relic, BlogLinks to interesting things from this episode:OpenClaw (aka Moltbot, aka Clawdbot)Moltbook

Brian Childress, a platform engineer and fractional CTO who simplifies platforms and integrates AI, discusses keeping platforms simple at scale. He talks about designing a minimal platform developers actually use. He covers local-to-prod workflows, onboarding humans and AI, avoiding resume-driven complexity, and where Kubernetes, microservices, and NoSQL often add unnecessary friction.

What if changing a single flag could save you from a failed migration, a broken API, or a late-night rollback?Join us as we dive into how feature flags become a practical tool for changing application behavior at runtime, not just toggling UI elements. Cory talks Mike Zorn about real stories from LaunchDarkly and Rippling, covering how teams use flags to ship safely, debug faster, and simplify complex systems.You’ll hear about:Using feature flags to avoid staging overload and ship directly to productionMigrating critical systems and databases with minimal downtime and riskControlling log levels and rate limits for specific customers on the flyManaging flag sprawl so teams do not drown in half-rolled-out featuresExperimenting with AI features, prompts, and models without fully committingIf you’re working on a platform, running critical infrastructure, or just trying to ship faster without breaking everything, this conversation offers concrete patterns you can start using right away.Guest: Mike Zorn, Senior Software Engineer at RipplingMike’s software engineering journey began with an early interest in problem-solving and programming, starting with creating programs on a TI-83 calculator in middle school. After studying mathematics in college, he transitioned into software through an applied math project that required coding, which sparked his interest in engineering as a career. Professionally, he has worked at several product and SaaS companies, including one that was an early LaunchDarkly customer, where they experienced firsthand the challenges of managing feature flags internally. That experience led him to appreciate the value of tools like LaunchDarkly, eventually joining the company himself. Since then, he has contributed across various areas, including focusing on how LaunchDarkly can best adopt its own platform internally to streamline releases and help engineers work more efficiently. His latest adventure has been joining Rippling as a Senior Staff Software Engineer.Mike Zorn, GitHubMike Zorn, EmailRipplingLaunchDarklyLinks to interesting things from this episode:SigNozSignadotOpen Container Initiative“Using Feature Flags to Avoid Downtime During Migrations”Apache Iceberg

Most Kubernetes security breaches don't come from zero-day exploits - they come from misconfigurations. While your team runs scanners and reviews reports, containers are already running as root, network policies are missing, and compliance violations are piling up across dozens of repositories.Jim Bugwadia, co-founder and CEO of Nirmata and creator of Kyverno, joins Cory to talk about a different approach: policy as code. Instead of asking developers to remember security best practices across every repo, what if your cluster automatically enforced secure defaults and blocked non-compliant deployments before they ever reached production?You'll learn how to start using Kyverno today without breaking your production environment - from running your first audit scan (no installation required) to implementing enforcement mode with exceptions. Jim explains why micro-segmentation matters more than ever, how to automate network policies for every namespace, and why platform teams are using Kyverno for everything from security to cost optimization.Whether you're running one cluster or managing Kubernetes at scale, this conversation offers practical strategies for making security a byproduct of your platform - not an afterthought.Topics covered:Why shift-left security fails and what "shift-down" means for platform teamsHow to implement Kubernetes policy enforcement without grinding deployments to a haltAutomating secure defaults: network policies, resource quotas, and role bindingsThe crawl-walk-run approach to rolling out policies in existing clustersReal-world use cases beyond security: cost optimization and resource managementGuest: Jim Bugwadia, Co-Founder & CEO of Nirmata and creator of KyvernoJim Bugwadia is the Co-founder and CEO of Nirmata, a Kubernetes management platform built for enterprises to simplify and scale cloud-native operations across clouds, data centers, edge, and connected devices. With a mission to democratize cloud-native best practices, Jim brings deep expertise in building large-scale software products and leading high-performing teams. Before founding Nirmata, he led a global consulting team at Cisco, guiding enterprises and service providers on their cloud computing journeys. Earlier in his career, he contributed to innovative products at startups and major companies including Trapeze Networks, Pano Logic, Jetstream, Lucent, and Motorola. A hands-on technologist, Jim continues to code in Go, Java, and JavaScript, reflecting his passion for building in the rapidly evolving world of software.Jim Bugwadia, XNirmataKyvernoLinks to interesting things from this episode:Kyverno Community Repository“Shift-Down Security” PaperOpenReportsPolicy Reporter“The Shai-Hulud npm malware attack: A wake-up call for supply chain security”Kyverno Slack Channel

Is your Git repo really the source of truth for infrastructure - or just a suggestion?Guest host Kelsey Hightower sits down with Cory O’Daniel to unpack why many teams hit dead ends with CI/CD for provisioning, where GitOps struggles with drift, and when TicketOps helps or hurts. They explore a different model: infrastructure as data with typed contracts, shared artifacts, and workflows that embed policy, validation, and upgrades from the start. You’ll hear practical ways to reduce cognitive load for developers while giving operations reliable control and better day‑2 levers.You’ll learn:Why pipelines are a poor fit for infra provisioning and what to do insteadHow to reason about drift as a three‑way merge with realityWhen reconciliation helps, and when it breaks production firefightsHow typed contracts and artifacts connect modules and teams without glue scriptsWays to present safer self‑service without requiring everyone to learn TerraformA simple mental model for treating TicketOps as a surface, not the workflowGuest Host: Kelsey HightowerKelsey has worn every hat possible throughout his career in tech and enjoys leadership roles focused on making things happen and shipping software. Prior to his retirement, he was a Distinguished Engineer at Google, where he worked on Google Cloud Platform. He is a strong open source advocate with a focus on building great software as well as great communities around them. He is also an accomplished author and keynote speaker with a knack for demystifying complex topics, doing live demos and enabling others to succeed. When he is not writing code, you can catch him giving technical workshops covering everything from programming to system administration.Guest: Cory O'Daniel, CEO and Co-Founder of Massdriver and Co-Founder of OpenTofuCory has been a software architect and engineer for 20 years, leading up to the founding of MassDriver. He's also a husband and the father of two kids.Cory O'Daniel, XCory O'Daniel, MediumMassdriver, websiteMassdriver, GitHubMassdriver, YoutubeOpen TofuLinks to interesting things from this episode:"Gitopscracy" video

What if your production environment had a live, trustworthy blueprint you could zoom in and out of on demand?Kelsey Hightower guest-hosts a candid conversation with Cory about why CI/CD pipelines and GitOps often break down for cloud infrastructure. They explore a simpler operational model: treat infrastructure as data, lean on clear checkpoints instead of rigid “golden paths,” and make production legible for both developers and ops.You’ll learn:Where CI/CD adds friction for infra and what to do insteadWhy GitOps works for apps but hits limits for databases, networks, and multi-region realitiesHow “living diagrams” help new teammates understand prod on day onePractical guardrails that evolve with your org without locking teams inWays to reduce drift, surprise cloud costs, and Day Two chaosA mindset shift: databases for ops data, not shell-script archaeologyWalk away with concrete patterns to make production understandable, auditable, and easier to change—without more YAML or bigger pipelines.Guest Host: Kelsey HightowerKelsey has worn every hat possible throughout his career in tech and enjoys leadership roles focused on making things happen and shipping software. Prior to his retirement, he was a Distinguished Engineer at Google, where he worked on Google Cloud Platform. He is a strong open source advocate with a focus on building great software as well as great communities around them. He is also an accomplished author and keynote speaker with a knack for demystifying complex topics, doing live demos and enabling others to succeed. When he is not writing code, you can catch him giving technical workshops covering everything from programming to system administration.Guest: Cory O'Daniel, CEO and Co-Founder of Massdriver and Co-Founder of OpenTofuCory has been a software architect and engineer for 20 years, leading up to the founding of MassDriver. He's also a husband and the father of two kids.Cory O'Daniel, XCory O'Daniel, MediumMassdriver, websiteMassdriver, GitHubMassdriver, YoutubeOpen TofuLinks to interesting things from this episode:SigNoz“The $6,459 Terraform Lesson: Why Infrastructure Lifecycle Monitoring Matters” by Liz Fong-Jones "Gitopscracy" video

In this engaging discussion, Cory O'Daniel, CEO of Massdriver and co-founder of OpenTofu, shares his expertise from two decades as a software architect. He tackles the challenges of Infrastructure as Code, emphasizing why having great Terraform modules isn't enough without clear upstream decisions. Cory explains how to prevent choice overload in cloud configurations and introduces innovative ways to combine IaC with user experience and SLAs. Their conversation also highlights how to safely automate infrastructure choices while reducing complexity.

Still freezing code before Black Friday and hoping nothing breaks? Feature flags can help you ship smaller, safer changes continuously—without the “big bang” risk or painful rollbacks.Cory O’Daniel talks with Unleash VP of Marketing Michael Ferranti about how modern teams use flags as a core delivery primitive alongside CI/CD and trunk-based development. They dig into kill switches for instant mitigation, progressive rollouts tied to real metrics, and why homegrown “if-statement” systems turn into hidden platforms you didn’t mean to build. They also cover the rising volume of AI‑assisted code and how flags provide the control layer to move faster while protecting reliability.What you’ll learn:How feature flags reduce risk for high-stakes periods like Black Friday by avoiding code freezesWhen to replace staging queues with progressive delivery and experiment-driven rolloutsPractical uses: kill switches, trunk-based development, targeting, and cleanup strategies to manage flag debtBuild vs. buy: why DIY flag systems become costly and how Unleash’s open source and on-prem options fit regulated or air‑gapped needsUsing business, engineering, and customer signals to automate safe ramp-ups and ramp-backsWhy AI increases code throughput, how it affects reliability, and how flags create the safety rails for agentic workflowsGuest: Michael Ferranti, VP of Marketing at UnleashMichael Ferranti has held leadership roles at Teleport, Portworx, ClusterHQ, and Rackspace Technology, with a focus on go-to-market strategy in open-source and enterprise software. At Teleport he focused on shifting from legacy security models to developer-first, identity-driven access. At Portworx, he was building new GTM strategies for Kubernetes-native storage when everyone was still figuring out containers, and he helped scale the company from under $500K in revenue to a $370M acquisition by Pure Storage. His work has centered on supporting engineering leaders in delivering features, scaling infrastructure, and improving security without adding unnecessary blockers. Michael has spoken at industry events like KubeCon and theCUBE, sharing insights on platform org design, category creation, and growing open-source adoption. Unleash, websiteUnleash, GitHubUnleash, LinkedInUnleash, XUnleash, SlackUnleash, YouTubeUnleashCon 2025Links to interesting things from this episode:ReactBitbucketLaunchDarklyServiceNowCockroachDBRed Hat OpenShiftState of DevOps Report (DORA)"How to Win Friends & Influence People"Grafana** REMINDER** - Apollo GraphQL has kindly offered us a few free passes to join them at the GraphQL Summit in San Francisco, October 6-8, 2025. If you are interested in going, the code is: PodcastSummit25