Building a Complete Developer Platform on Kubernetes

Introduction

A Developer Platform on Kubernetes empowers developers with self-service deployments, while platform teams maintain security, governance, and operational stability.

In this guide, we will:

  • Set up a Kubernetes cluster
  • Create namespaces for teams
  • Implement RBAC for security
  • Enable GitOps-based deployments
  • Set up monitoring and logging

Step 1: Set Up a Kubernetes Cluster

For local testing, use Minikube or kind:

minikube start --cpus 4 --memory 8g

For production, use a self-managed Kubernetes cluster.

Ensure kubectl and helm are installed:

kubectl version --client
helm version

Step 2: Create Namespaces for Teams

We create isolated namespaces for different teams to deploy applications.

Namespace YAML

apiVersion: v1
kind: Namespace
metadata:
  name: dev-team
---
apiVersion: v1
kind: Namespace
metadata:
  name: qa-team
Click Here to Copy YAML

Apply Namespace Configuration

kubectl apply -f namespaces.yaml

Step 3: Implement Role-Based Access Control (RBAC)

RBAC ensures developers have limited access to their namespaces.

RBAC YAML

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: dev-team
  name: developer-role
rules:
  - apiGroups: [""]
    resources: ["pods", "deployments", "services"]
    verbs: ["get", "list", "create", "update", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: dev-team
  name: developer-binding
subjects:
  - kind: User
    name: dev-user
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: developer-role
  apiGroup: rbac.authorization.k8s.io
Click Here to Copy YAML

Apply RBAC Configuration

kubectl apply -f rbac.yaml

Step 4: Deploy an Application

Developers can now deploy applications in their namespace.

Deployment YAML

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sample-app
  namespace: dev-team
spec:
  replicas: 2
  selector:
    matchLabels:
      app: sample-app
  template:
    metadata:
      labels:
        app: sample-app
    spec:
      containers:
        - name: sample-app
          image: nginx
          ports:
            - containerPort: 80
Click Here to Copy YAML

Apply Deployment

kubectl apply -f deployment.yaml

Step 5: Set Up GitOps for Continuous Deployment

We use ArgoCD for GitOps-based automated deployments.

Install ArgoCD

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

Step 6: Configure Monitoring & Logging

To enable observability, we set up Prometheus & Grafana.

Install Prometheus & Grafana using Helm

helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm install monitoring prometheus-community/kube-prometheus-stack --namespace monitoring --create-namespace

Access Grafana

kubectl port-forward svc/monitoring-grafana 3000:80 -n monitoring

Login credentials:

  • Username: admin
  • Password: Run this command to get it:
kubectl get secret --namespace monitoring monitoring-grafana -o jsonpath="{.data.admin-password}" | base64 --decode

Conclusion

  • Developers get self-service access to deploy apps.
  • RBAC ensures security and access control.
  • GitOps with ArgoCD enables automated deployments.
  • Monitoring stack ensures observability.

By building this Internal Developer Platform on Kubernetes, we empower developers while maintaining operational control.

How do you manage developer workflows in Kubernetes? Drop your thoughts below! 👇

Leave a comment