Odyssey Platform # 13

Another exciting week in the Platform Engineering ecosystem!

August 19, 2025 • Estimated Reading Time: 7 minutes 

Editor's Note
Welcome to another edition of Odyssey Platform Weekly! This week, we’re diving into fresh insights, key events, and powerful stories shaping the future of platform engineering.

🗞️ In this newsletter

🗓️ Events

🔦 Tool Spotlight

🔍️ Deep Dive: Crossplane provider getting started 🧠

🎯 Stay Inspired - Case Studies

👀 In Case you missed it

  • Latest news & events in the platform engineering domain

📆 Upcoming Events


Get ready for CloudCon Sydney 2025, happening September 9-10. This two-day in-person event brings together cloud leaders, engineers, and innovators to explore the latest in cloud computing, platform engineering, DevOps, and AI-driven infrastructure. Expect insightful keynotes, hands-on sessions, and opportunities to connect with peers who are shaping the future of scalable, secure, and sustainable platforms.
👉 Register here

🔦 Tool Spotlight

Once known primarily for powering search boxes, Elastic has evolved into a full-fledged platform for search, observability, and security. Its core engine, Elasticsearch, delivers blazing fast search and analytics across massive data volumes, making it a natural fit for logs, metrics, traces, and security events.

Elastic’s popularity comes from its flexibility and speed. Developers can index and query structured, unstructured, or time-series data without rigid constraints, while Kibana provides interactive dashboards for exploring everything from system performance to customer behaviour. Combined with Beats and Logstash for ingestion, the Elastic Stack gives teams an end-to-end data pipeline.

With Elastic Cloud, the platform has become cloud-native, offering fully managed deployments across AWS, Azure, and GCP. Features like machine learning anomaly detection, alerting, role-based access control, and integrations with tools like Grafana and Kubernetes extend its value for both DevOps and security teams.

From powering ecommerce search to enabling SIEM and observability at scale, Elastic has cemented itself as a go-to choice for organisations that need real-time insights from their data.

Elastic

Intro to kgateway 🚀 

🎬 Act 1: The Scene Setter - What Is kgateway?

Meet kgateway, the new favorite tool in the platform engineering shed! kgateway is an open-source API gateway built for Kubernetes-native environments that lets you manage, secure and observe API traffic in a way that’s both dev-friendly and ops-approved. Imagine an efficient traffic controller (with superpowers) at the doors of your cluster, orchestrating all incoming and outgoing API calls. 🛫🛬

🎪 Act 2: The Swiss Knife - Core Capabilities

Out of the box, kgateway shines with flexibility. Want to route calls to multiple services? Need authentication on some routes and not others? Hoping to retry failed requests or rate-limit certain clients? kgateway juggles these tasks convincingly:

Dynamic routing: 

  Point traffic to different backends based on path, host, or headers.

Security enforcer: 

  Enable JWT authentication, mutual TLS, and API keys without touching your apps.

Traffic shaping: 

  Set up rate limits, circuit breakers or retries in a config file, not your code.

Observability: 

  Automatic metrics, logs and distributed tracing hooks help you see what’s happening in real time.

Think of it like a Swiss army knife for your APIs, tiny, powerful, and endlessly versatile. 🗡️

🔧 Act 3: The Developer First Experience - Easy Setup in Kubernetes

You do not need to wrangle YAML endlessly or write custom controllers. Here is a super simple example of getting kgateway up and running: 

apiVersion: kgateway.io/v1alpha1
kind: HTTPRoute
metadata:
  name: example-route
spec:
  hostnames:
  - "api.mycoolapp.com"
  rules:
  - matches:
    - path:
      type: Prefix
      value: /v1/
    backendRefs:
    - name: my-cool-backend
      port: 80

What happened here?  

- Defined that all API requests to api.mycoolapp.com are handled by kgateway.

- Paths starting with “/v1/” are sent directly to our backend service.

- No mess, no boilerplate (just clean routing).

🔑 Act 4: The Security Upgrade - Enabling Auth

Want JWT authentication for a route? Add a few lines in your kgateway config: 

auth:
  jwt:
    issuer: "https://auth-provider"
    audiences:
    - "myapi"

- Now every request is checked for a valid token.

- Invalid or expired? kgateway blocks access—no manual code checks needed.

- You can mix and match other authentication methods as needed.

This links your AWS provider to the secret and follows Kubernetes best practices for secure credential management.

👀 Act 5: Visibility and Beyond - Monitor All the Things

- Out-of-the-box dashboards

- Latency, error rates, and traffic breakdowns by route

- Tracing problematic requests from edge to pod 

apiVersion: apps.example.org/v1alpha1
kind: MyAppClaim
metadata:
  name: payment-service
spec:
  environment: staging
  image: registry.example.com/payments:v1.4.2
  secretsRef: payment-service-secrets

🎬 Curtain Call: Why kgateway?

kgateway is purpose-built for Kubernetes, easy for developers, and powerful for operators. It centralizes API security, traffic management and visibility, in one smart, composable gateway. If you want to tame your service mesh chaos or just need a sensible, modern API gateway, kgateway is ready for the spotlight.

🎯 Stay Inspired - Case Studies

Etsy: Doing More With Less Cost and Infrastructure

Who: Etsy, a global ecommerce marketplace with 2.8 million sellers and over 66 million unique items, helping individuals (most of whom are women working from home) turn creativity into income.

What They Did:
Etsy migrated its data centers and ecommerce platform to Google Cloud while adopting Google Workspace for collaboration. The transformation focused on scalability, sustainability, and cost efficiency. Key initiatives included:

  • Migrated 5.5 petabytes of data to Google Cloud in record time

  • Shifted 15 percent of engineering headcount from infrastructure management to customer experience

  • Optimised resources post migration with resizing, storage tiering, and committed use discounts

  • Leveraged Google Cloud cost data to democratise visibility across teams and improve efficiency

  • Embedded sustainability goals into infrastructure strategy with Google Cloud’s carbon neutrality and AI driven efficiency

  • Adopted Google Workspace for cross functional collaboration, asynchronous workflows, and distributed work

Tech Stack & Tools Used: Google Cloud Platform, BigQuery, Looker, Google Workspace (Docs, Sheets, Slides, Meet, Forms), AI and ML services, Cloud Billing and Cost Management

Why It Matters:

✅ Significant cost savings with a 42 percent reduction in compute costs through committed use discounts and optimization
✅ Sustainability gains with more than 50 percent savings in compute energy, aligned with Etsy’s mission to Keep Commerce Human
✅ Improved engineering efficiency with 15 percent of engineering resources freed to focus on product and customer experience
✅ Experimentation at scale with twice as many AI and data analytics experiments driving better search and recommendations
✅ Collaboration at speed with 1,050 Meets per day and nearly 600,000 files shared, enabling global teamwork during a pandemic

👀 In Case You Missed It…

Survey Reveals Vulnerable Code at the Root of Most Breaches A new industry survey shows that a large portion of security breaches can be traced back to unpatched or insecure code, underscoring the urgent need for stronger DevSecOps practices and early-stage code scanning.

Sentry Expands APM with MCP Server Monitoring
Sentry has added support for monitoring MCP servers directly in its APM platform, giving teams deeper visibility into AI-driven workflows and application performance

Sonar Flags Risks of Relying on LLMs for Code
Sonar highlights several caveats when using large language models for coding, warning that AI-generated code often lacks security, quality, and maintainability safeguards.

Till next time,