Cloud-native platform engineering in the enterprise
The director of engineering for a Fortune 20 automotive company spoke on the latest cloud-native tools for platform engineering, and the challenges and opportunities ahead with AI.
ATLANTA – Cloud-native tools abound for platform engineering, but with software supply chain security risks on the rise and AI hitting the scene, it pays to keep up with the latest updates.
For the director of engineering at a Fortune 20 automotive company, those updates were plentiful during KubeCon + CloudNativeCon North America 2025. Gaurav Saxena expanded his platform engineering team to 50 engineers over the last two years. That team has evolved to support developer experience and productivity, an internal developer platform, data infrastructure and reliability engineering. Saxena is also responsible for modernizing core infrastructure stacks, including compute, network, storage and CI/CD, to enhance reliability and developer efficiency.
Saxena, who requested that his company not be named due to policies that prohibit him from representing it in the press, sat down for an interview on-site at the conference with the IT Ops Query podcast. During that discussion, Saxena explained the Cloud Native Computing Foundation (CNCF) projects he's found most useful at his company, how his team is addressing software supply chain security risks on behalf of developers and his outlook on how AI will affect the platform engineering discipline.
Application developer teams should not think in terms of Kubernetes. They should focus on their application needs.
Gaurav Saxena, Director of engineering, Fortune 20 automotive company
"The common theme is, how do you [set up] your developer experience in a way that they focus on the business logic?" he said. "Application developer teams should not think in terms of Kubernetes. They should focus on their application needs."
To accomplish that, however, platform engineering teams must think not just in terms of Kubernetes, but tools that ease the workload for both developers and themselves with infrastructure automation features. One of the CNCF tools Saxena's team uses for this is Crossplane, an infrastructure-as-code tool that extends the Kubernetes management API to orchestrate resources outside of container clusters, such as cloud VMs.
Another is KubeVela, a deployment-as-code project at the incubation stage in the CNCF. KubeVela provides a set of declarative Kubernetes objects that translate developer requests into infrastructure that can be delivered consistently by an internal developer platform. This balances a platform team's need for repeatability with supporting a diverse set of developer users, Saxena said. The OpenTelemetry distributed tracing project and Sigstore attestation tool are also woven into standard platform engineering workflows and developer templates for Saxena's team.
"The common theme here is that 'no-silo' effect, meaning you have a one, standardized [workflow for] alerting, operations, security … so teams don't reinvent their wheels, and they just focus on what moves the needle for the company, what makes the company money," Saxena said.
Among the new tools Saxena had his eye on during KubeCon was the Envoy AI Gateway, currently in version 0.4 on GitHub. The project adds support for servicing network request traffic between application clients and generative AI services to the Envoy application gateway, based on the widely used CNCF Envoy proxy.
"You can think about it as a traditional Layer 7 load balancer, but with intelligence built into it in terms of which model to route the request [to] and rate limits," he said. "It could be like, 'If this workload can be run on a cheaper [model], with the same inference time, I should route that request to that particular model.' Those are the capabilities I can see getting adopted in the next six months."
Overall, supporting AI workloads will only intensify scrutiny on platform engineering teams' discipline around IT governance and security, Saxena said.
"Security and observability cannot be an afterthought -- [they] have to be first-class citizens," he said. "As you are building your AI workloads or applications, they need to be governed, not only from the security point of view, but you also need to be able to observe how that workload is doing in the real [world]."
Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.
