Platform Engineering Podcast

What if changing a single flag could save you from a failed migration, a broken API, or a late-night rollback?

Join us as we dive into how feature flags become a practical tool for changing application behavior at runtime, not just toggling UI elements. Cory talks Mike Zorn about real stories from LaunchDarkly and Rippling, covering how teams use flags to ship safely, debug faster, and simplify complex systems.

You’ll hear about:

• Using feature flags to avoid staging overload and ship directly to production
• Migrating critical systems and databases with minimal downtime and risk
• Controlling log levels and rate limits for specific customers on the fly
• Managing flag sprawl so teams do not drown in half-rolled-out features
• Experimenting with AI features, prompts, and models without fully committing

If you’re working on a platform, running critical infrastructure, or just trying to ship faster without breaking everything, this conversation offers concrete patterns you can start using right away.

Most Kubernetes security breaches don't come from zero-day exploits - they come from misconfigurations. While your team runs scanners and reviews reports, containers are already running as root, network policies are missing, and compliance violations are piling up across dozens of repositories.

Jim Bugwadia, co-founder and CEO of Nirmata and creator of Kyverno, joins Cory to talk about a different approach: policy as code. Instead of asking developers to remember security best practices across every repo, what if your cluster automatically enforced secure defaults and blocked non-compliant deployments before they ever reached production?

You'll learn how to start using Kyverno today without breaking your production environment - from running your first audit scan (no installation required) to implementing enforcement mode with exceptions. Jim explains why micro-segmentation matters more than ever, how to automate network policies for every namespace, and why platform teams are using Kyverno for everything from security to cost optimization.

Whether you're running one cluster or managing Kubernetes at scale, this conversation offers practical strategies for making security a byproduct of your platform - not an afterthought.

Topics covered:

• Why shift-left security fails and what "shift-down" means for platform teams
• How to implement Kubernetes policy enforcement without grinding deployments to a halt
• Automating secure defaults: network policies, resource quotas, and role bindings
• The crawl-walk-run approach to rolling out policies in existing clusters
• Real-world use cases beyond security: cost optimization and resource management

Is your Git repo really the source of truth for infrastructure - or just a suggestion?

Guest host Kelsey Hightower sits down with Cory O’Daniel to unpack why many teams hit dead ends with CI/CD for provisioning, where GitOps struggles with drift, and when TicketOps helps or hurts. They explore a different model: infrastructure as data with typed contracts, shared artifacts, and workflows that embed policy, validation, and upgrades from the start. You’ll hear practical ways to reduce cognitive load for developers while giving operations reliable control and better day‑2 levers.

You’ll learn:

• Why pipelines are a poor fit for infra provisioning and what to do instead
• How to reason about drift as a three‑way merge with reality
• When reconciliation helps, and when it breaks production firefights
• How typed contracts and artifacts connect modules and teams without glue scripts
• Ways to present safer self‑service without requiring everyone to learn Terraform
• A simple mental model for treating TicketOps as a surface, not the workflow

What if your production environment had a live, trustworthy blueprint you could zoom in and out of on demand?

Kelsey Hightower guest-hosts a candid conversation with Cory about why CI/CD pipelines and GitOps often break down for cloud infrastructure. They explore a simpler operational model: treat infrastructure as data, lean on clear checkpoints instead of rigid “golden paths,” and make production legible for both developers and ops.

You’ll learn:

• Where CI/CD adds friction for infra and what to do instead
• Why GitOps works for apps but hits limits for databases, networks, and multi-region realities
• How “living diagrams” help new teammates understand prod on day one
• Practical guardrails that evolve with your org without locking teams in
• Ways to reduce drift, surprise cloud costs, and Day Two chaos
• A mindset shift: databases for ops data, not shell-script archaeology

Walk away with concrete patterns to make production understandable, auditable, and easier to change—without more YAML or bigger pipelines.

Ever wonder why strong Terraform modules still lead to long review queues and fragile pipelines? From hand-built scripts and early data center migrations to cloud sprawl and Kubernetes, configuration management has changed a lot - but the core struggle remains: too many decisions, not enough guardrails. Guest host Kelsey Hightower sits down with Cory O’Daniel to unpack where Infrastructure as Code succeeds and where teams get stuck.

What you’ll learn:

• How to avoid “choice overload” in cloud configs by moving decisions upstream
• Practical ways to pair IaC with UX, policies, and SLAs to reduce toil
• When click-ops is a symptom, not the problem - and how to replace it safely
• Patterns for scaling platform practices beyond a handful of experts
• A simple mental model for mapping workflows across serverless, containers, and VMs