STAKATER STAKATER Internal Developer Platform
For engineering organisations ready to give every developer self-service access to standardised infrastructure — without scaling the platform team to match.
The more your engineering organisation grows, the worse the ratio gets — and the harder it becomes to deliver anything else.
Every developer request — a new environment, a namespace, a database — lands in the platform team's ticket queue. Every new hire makes it worse.
Without a catalog, every team builds their own patterns. Security policies applied inconsistently. Compliance gaps nobody notices until audit time.
Resources sprawl across teams and projects. No chargeback to business units. No visibility into what's running, what's idle, and who owns it.
Without a platform layer, there's no good answer. You're choosing between two failure modes.
Too much access
✗ Teams build inconsistent patterns
✗ Security policies bypass possible
✗ Resource sprawl, cost overruns
✗ No audit trail per team
✗ Compliance gaps at audit time
Too little access
✗ Platform team is the bottleneck
✗ Developers wait days for environments
✗ Platform team can't scale with demand
✗ Frustration on both sides
✗ Shadow IT fills the gap
The answer isn't adjusting the permission dial. It's adding a platform layer between the cluster and the developer.
Six capabilities separate a self-service developer platform from raw infrastructure access.
Pre-approved patterns — dev environments, namespaces, databases — that developers provision themselves without involving the platform team.
Team A cannot see or touch Team B's workloads, secrets, or data. Isolation by architecture — not by cluster-admin permission management.
Policies, quotas, and RBAC enforced on every team workspace automatically. Compliance is built-in — not a conversation you have after an audit finding.
Usage and spend tracked per team, per project, per service. Chargeback to business units. No more mystery cloud bills — internal or external.
Every team gets the same database, the same monitoring stack, the same networking defaults. Standards enforced through the catalog — not through documentation people don't read.
Every action logged — who provisioned what, when, and in which team workspace. Compliance-ready from day one, not retrofitted before the audit.
Built on the same architecture that powers multi-tenant commercial clouds — applied to your internal platform.
What you need
How Cloud Orchestrator delivers it
Self-service catalog — golden paths developers can provision themselves
Service catalog — pre-approved environments, DBs, and namespaces, published by the platform team
Team isolation — hard walls between workloads
Tenant workspaces via KCP — isolated control planes per team, by architecture
Guardrails — policies enforced automatically on every team
Policy-driven quotas and RBAC — defined once, applied to every workspace on creation
Cost visibility — chargeback per team and project
FinOps metering engine — real-time usage and spend per workspace, exportable to any billing system
Audit trail — who did what, when
Built-in audit log — every action recorded per workspace, compliance-ready out of the box
No tickets. No waiting. No asking someone to provision something for them.
Today — ticket-based
Developer needs a dev environment
Creates a ticket in the platform backlog
Waits 1–3 days for the platform team
Gets access — misconfigured half the time
With Cloud Orchestrator
Developer logs into the internal platform portal
Picks a service from the catalog — dev env, DB, namespace
Provisions it — ready in under 2 minutes
Platform team never involved. Policy already applied.
The platform team defines the platform once. Every developer self-serves from it. Headcount stays flat as engineering grows.
Build a dev environment template once. Every developer across every team provisions from it — with the same config, same security posture, same guardrails.
Create a workspace. Policies applied automatically. Catalog available immediately. The platform team doesn't touch it — the system handles it.
From fielding provisioning tickets — to building new platform capabilities. The ratio of builders to ticket-handlers inverts.
The shift
Before
1 platform engineer per 10–20 developers. Bottleneck at every stage.
With Cloud Orchestrator
1 platform engineer per 100+ developers. Revenue from shipping product — not from managing tickets.
The same architecture that powers commercial multi-tenant clouds runs your internal developer platform.
Stakater Cloud runs on this model since October 2024 — multi-tenant, self-service, in production. The architecture handles real workloads, not demos.
The tenancy layer is certified on the Red Hat Marketplace. Enterprise-supported, not something you maintain yourself.
Deploys on top of your existing cluster. No new procurement, no separate IDP infrastructure. Add the platform layer to what you already have.
Stakater
✓ Red Hat Certified Multi-Tenant Operator
✓ Master Services Agreement — Sweden
✓ Reloader — 24B+ downloads, 9.9k GitHub stars
✓ Global team across 8 countries
Self-service for developers. Guardrails for the platform team.
Cost visibility for the business. All on the OpenShift you already have.
stakater.com